Change JSESSIONID cookie on WebCenter Content / UCM

Sometimes we hate an issue, last week was one of them. Due an incompatibility with a legacy portal that customer already has, I was forced to modify UCM session cookie.

If you check Oracle Support website with this task, you will find this note DocID 1507003.1

Not really usefull for me, isn't it? :-)

You should be familiar with <session-descriptor> under weblogic.xml file

More info: https://docs.oracle.com/cd/E13222_01/wls/docs81/webapp/weblogic_xml.html#1038173

On my first attempt I tried to modify only cookie-path, but for some reason UCM was not capable to get the session from another path.

So I get deeper on the code and tried to modify JSESSIONID name cookie. This are the steps you should follow to.

Locate your "cs.ear" file

Go to your weblogic console of WCC domain in my VM for example
http://wcp:7001/console/

Go to "deployments" option menu

 

Now locate your "WCC" main web-app



Click over the deployment and you will get into details and will find the location of the EAR on the installation.

 

In my case /u01/oracle/middleware/Oracle_ECM1/ucm/idc/components/ServletPlugin/cs.ear

Download the file to your desktop.

Modify descriptors file

Now is necessary to modify web.xml and weblogic.xml

This is how weblogic.xml should look like

<weblogic-web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.bea.com/ns/weblogic/weblogic-web-app" xsi:schemalocation="http://www.bea.com/ns/weblogic/weblogic-web-app.xsd">
 <session-descriptor>
  <persistent-store-type>replicated_if_clustered</persistent-store-type>
  <cache-size>0</cache-size>
  <timeout-secs>1200</timeout-secs>
  <cookie-name>UCMJSESSIONID</cookie-name>
 </session-descriptor>
 <container-descriptor>
  <resource-reload-check-secs>1</resource-reload-check-secs>
 </container-descriptor>
 <security-role-assignment>
  <role-name>SSOrole</role-name>
  <principal-name>users</principal-name>
 </security-role-assignment>
</weblogic-web-app>

As you see I've added the <cookie-name> to the original file.

And this is how web.xml should look like
(only the beggining of the file, the rest is unmodified)

<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
 <display-name>cs_servlet</display-name>

 <welcome-file-list>
  <welcome-file>portal.htm</welcome-file>
 </welcome-file-list>

 <!-- [ JPS Integration ] -->
 <filter>
  <filter-name>JpsFilter</filter-name>
  <filter-class>oracle.security.jps.ee.http.JpsFilter</filter-class>
  <init-param>
   <param-name>enable.anonymous</param-name>
   <param-value>true</param-value>
  </init-param>
  <init-param>
   <param-name>remove.anonymous.role</param-name>
   <param-value>false</param-value>
  </init-param>
  <init-param>
   <param-name>application.name</param-name>
   <param-value>IDCCS</param-value>
  </init-param>
  <init-param>
   <param-name>IdcSessionKey</param-name>
   <param-value>UCMJSESSIONID</param-value>
  </init-param>
 </filter>

 <filter-mapping>
  <filter-name>JpsFilter</filter-name>
  <url-pattern>*</url-pattern>
  <dispatcher>REQUEST</dispatcher>
  <dispatcher>FORWARD</dispatcher>
 </filter-mapping>
 <!-- [ End JPS Integration ] -->

 <filter>
  <filter-name>IdcFilter</filter-name>
  <filter-class>idcservlet.IdcFilter</filter-class>
  <init-param>
   <param-name>UseRedirectedAuthPrompt</param-name>
   <param-value>1</param-value>
  </init-param>
  <init-param>
   <param-name>IdcServerType</param-name>
   <param-value>server</param-value>
  </init-param>
  <init-param>
   <param-name>IdcProductName</param-name>
   <param-value>idccs</param-value>
  </init-param>
  <init-param>
   <param-name>IdcSessionKey</param-name>
   <param-value>UCMJSESSIONID</param-value>
  </init-param>
 </filter>

 <filter-mapping>
  <filter-name>IdcFilter</filter-name>
  <url-pattern>*</url-pattern>
  <dispatcher>FORWARD</dispatcher>
  <dispatcher>INCLUDE</dispatcher>
  <dispatcher>REQUEST</dispatcher>
 </filter-mapping>


 <servlet>
  <servlet-name>
   adfAuthentication
  </servlet-name>
  <servlet-class>
   oracle.adf.share.security.authentication.AuthenticationServlet
  </servlet-class>
  <init-param>
   <param-name>allow_success_url_param_overwrite</param-name>
   <param-value>true</param-value>
  </init-param>
  <init-param>
   <param-name>allow_logout_url_param_overwrite</param-name>
   <param-value>true</param-value>
  </init-param>
  <init-param>
   <param-name>IdcSessionKey</param-name>
   <param-value>UCMJSESSIONID</param-value>
  </init-param>
 </servlet>

After modifiying this files, you can package them into the .war and the war into the .ear.

Copy the new "cs.ear" file to your system replacing the old one.

Now stop the app and re-deploy it with weblogic console, and reboot the node to take the changes.

Appendix

Modify your Apache .conf file to setup the new cookie name.

I think that is not necessary 100% but I also added to my instance this configuracion under each "<location>" on my apache configuration file.

<Location /cs>
   SetHandler weblogic-handler
   WebLogicCluster server1:16200,server2:16200
   WLCookieName UCMJSESSIONID
</Location>
<Location /idc>
   SetHandler weblogic-handler
   WebLogicCluster server1:16200,server2:16200
   WLCookieName UCMJSESSIONID
</Location>
<Location /adfAuthentication>
   SetHandler weblogic-handler
   WebLogicCluster server1:16200,server2:16200
   WLCookieName UCMJSESSIONID
</Location>

This is all, my next step will be to add this modifications with a deployment plan file, this will make unnecessary to modify "cs.ear" file on the filesystem of our installation.