Hey Frank, glad to help you narrow this down to your individual application instead of modifying the global Tomcat config—smart move, since that avoids affecting other apps on the server. Let's walk through exactly how to set up sessionCookiePath correctly in your app's local context.xml:

Step 1: Confirm the Target File #

You’re right to focus on C:\Dir_GATE_Web\web\META-INF\context.xml—this file overrides the global Tomcat conf/context.xml settings only for your application, which is exactly what you need here.

Step 2: Correctly Configure sessionCookiePath #

Open your app's context.xml and update the <Context> tag to include the sessionCookiePath attribute. The value should match the context path your app is running under (this directly fixes your earlier Nginx session issue, since mismatched cookie paths are a top culprit for broken persistence behind proxies).

Here’s what the modified file should look like (adjust the path to match your setup):

<Context sessionCookiePath="/your-app-context-root">
    <!-- Keep any existing configuration inside this tag if you have it -->
</Context>

• If your app is deployed at the root path (e.g., Nginx proxies https://your-domain.com/ directly to your app), set sessionCookiePath="/".
• If your app uses a specific context path like /gate (e.g., Nginx proxies https://your-domain.com/gate to your Tomcat app), set sessionCookiePath="/gate".

Step 3: Deploy and Verify #

1. Save the modified context.xml, then rebuild/redeploy your WAR file (or restart Tomcat if you’re deploying the directory directly).
2. Clear your browser’s cache and cookies to ensure old, misconfigured cookies don’t interfere with testing.
3. Use your browser’s developer tools (F12 → Application tab → Cookies) to check that the session cookie’s Path matches the value you set. This confirms the config is working as intended.

Why This Fixes Your Nginx Session Issue #

When using Nginx as a reverse proxy, if Tomcat sets a cookie path that doesn’t align with the URL path users see in their browser, browsers won’t send the session cookie back to the server—leading to lost sessions and broken functionality. By setting sessionCookiePath to match the public-facing path, you ensure cookies are correctly attached to every request.

内容的提问来源于stack exchange，提问作者Frank