Are you using sub-domains for your application? Do you have difficultly in maintaining the Java session across sub-domains? Here is a way you can share Java session over sub-domains.

First you should understand, why the session is not shared by default on sub-domains. As you know Java session is maintained based on a cookie called "JSESSIONID". This cookie will be sent to the browser by the server with the domain name that has been requested by browser. i.e.; let's consider I've a domain called "" and I'm accessing homepage, Java container will send a JSESSIONID cookie with the domain "" to the browser. And it is browser's responsibility to send JSESSIONID cookie value back to the server for the subsequent requests made on

So, cookies are clearly based on the domain name. If I've a sub-domain on i.e.;, by default I can't share the JSESSIONID that has been set on over the sub-domain. Since we can't share the JSESSIONID, you can't share java session. i.e.; if user logs on can't be retained on

In order to share the session across sub-domains, you've to overwrite the existing JSESSIONID cookie to be supported for all the sub-domains. Very simple, all you've to do is - create a new cookie with the same name JSESSIONID and assign the value as current session id and the domain name should be "".

Implement the below code snippet wherever you've shared the session values i.e.; you can do this in a login action as soon as user logs in successfully on one domain.

//specifying name and value of the cookie
Cookie cookie = new Cookie("JSESSIONID", request.getSession(false).getId());
String domainName = request.getServerName(); //Gives in our example
String domainNamePrefix = domainName.substring(domainName.indexOf("."), domainName.length()); //Returns
//Specifies the domain within which this cookie should be presented.

You can even create a filter and overwrite the JSESSIONID value within the filter code.