Agreed, I am using way too many.

The platform was written years ago, what’s happening is that it’s creating cookies for HTML games, unique to each game. The games sit on servers that do not have CF as they are HTML5, so it was an inexpensive way to be able to scale the servers without any ACF (license cost) required. Now I have Lucee it’s a different story but I’d still need to make the session work across all servers though. Either way, it’s not possible/feasible to rethink and change the design including changing 59 games where the cookie checking is included ( https://www.kigso.com )

What I don’t understand is what you are doing different than I am doing in creating the cookies so that it’ll work.

I added a path
I added a domain
I tossed in standard debugging so, We try, and if that fails, we implicitly try again.

I added the code “correction” before i realised your header size is so large, that it blows through the connector buffer.

connector buffer is by default 8KB
I set it to something large enough that your application will crash at the APJ connector level,.

So what do I do next? The code you uploaded had two CFLOOP’s both creating the cookie. I’m totally lost

all you need is this:

<CFLOOP INDEX="TheCookie" FROM="100" TO="183">
    <!--- Ensure the cookie name follows valid naming conventions --->
    <CFCOOKIE name="A#TheCookie#B" value="#TheCookie#-#CreateUUID()#" expires="1">
</CFLOOP>
<CFLOCATION URL="displaycookies.cfm">

My test code was that, to test how your code sample works

In better design CFLOCATION should be triggered before CFTRY, making CFTRY almost useless, but I am over zelous with trying to debug crap.

The secondary cflocation, will attempt to implictly use the testURL if the primary cflocation failed.

Bit overkill and pointless based upon what we know of your application.

call me crazy… but isn’t that code the same as mine?

You asked for lucee help, with your code I was able to figure out your issue.

As for the complete debug of your code, do something like this:

<cftry>
    <!--- Loop through the range of cookies --->
    <cfloop index="TheCookie" from="100" to="183">
        <!--- Debugging output to track the loop and cookie creation --->
        <cfoutput>
            Processing Cookie Number: #TheCookie#<br>
        </cfoutput>

        <!--- Ensure the cookie name follows valid naming conventions --->
        <cfset cookieName = "A" & TheCookie & "B">
        <cfset cookieValue = TheCookie & "-" & CreateUUID()>
        
        <!--- Debugging output to track cookie names and values --->
        <cfoutput>
            Creating Cookie: #cookieName# with Value: #cookieValue#<br>
        </cfoutput>
        
        <!--- Try creating the cookie with debugging and catching any issues --->
        <cftry>
            <!--- Set the cookie --->
            <cfcookie name="#cookieName#" value="#cookieValue#" expires="1">
            
            <!--- Log success for debugging purposes --->
            <cflog file="cookieDebug" text="Successfully created cookie: #cookieName# with value: #cookieValue#" type="information">
        
        <cfcatch type="any">
            <!--- Handle and log errors during cookie creation --->
            <cfoutput>
                Error occurred - Blame ME -- while creating cookie #cookieName#: #cfcatch.message#<br>
            </cfoutput>
            <cflog file="cookieErrors" text="Error creating cookie: #cookieName# - #cfcatch.message#" type="error">
        </cfcatch>
        </cftry>
    </cfloop>

    <!--- Redirect to displaycookies.cfm if successful --->
    <cflocation url="displaycookies.cfm">
    
<cfcatch type="any">
    <!--- Catch any unforeseen errors - Thank BNEDEL for the idea --->
    <cfoutput>
        Major error occurred during the process: #cfcatch.message#<br>
    </cfoutput>
    <cflog file="cookieErrors" text="Error in cookie creation loop: #cfcatch.message#" type="error">
</cfcatch>
</cftry>

You did however need to modify server.xml and / or catalina.policy.

I copied all of the code above to cookie.cfm and ran it on the Lucee server. Same error
Please check and adjust your setup:
Ensure that Tomcat is running on given host and port.
If this is a timeout error consider adjusting IIS timeout by changing executionTimeout attribute in web.config (see manual). [2024-10-04 13:49:59 ]

Object Moved

I realized I had not cleared the previous cookies, so cleared the cache and ran again, same issue but it only displays the Object Moved message, nothing else

After you update server.xml and catilina.policy you need to restart Lucee, flush your caches if any and run your browser in privacy / incognito mode so you are not caching old data.

okay. I can reboot the Lucee server when I make the changes and clear the cache on the browser.

Any chance you can just clarify which changes to which files I should make as I am not crystal clear on what I can leave at default and what I will need to add

No offense, but Kind of already gone above and beyond here.

edit /whereeveryouhaveluceeinstalled/tomcat/conf/server.xml
in the line that says “Connector”
make it look something like this:

  <Connector port="8888" protocol="HTTP/1.1"
               connectionTimeout="20000"
maxHttpHeaderSize="655360"
               redirectPort="8443" />

In the same file in the line that has
Connector protocol=“AJP/1.3”
under where it says RedirectPort

Put this before the />

connectionTimeout="60000"   
packetsize="65536"
maxHttpResponseHeaderSize="65536"
maxHttpRequestHeaderSize="65536"
maxHttpHeaderSize="65536"
maxTrailerSize="65536"
maxExtensionSize="-1"
keepAliveTimeout="-1"

Save the file

Restart and test, if it works, great no further editting needed otherwise

edit /whereeveryouhaveluceeinstalled/tomcat/conf/catalina.policy

right after the section that has "

    // Precompiled JSPs need access to these packages.
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.el";
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime";
    permission java.lang.RuntimePermission
     "accessClassInPackage.org.apache.jasper.runtime.*";

Add this:

//hack begin

    // The cookie code needs these.
    permission java.util.PropertyPermission
     "org.apache.catalina.STRICT_SERVLET_COMPLIANCE", "read";
    permission java.util.PropertyPermission
     "org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING", "read";
    permission java.util.PropertyPermission
     "org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR", "read";

    // Applications using WebSocket need to be able to access these packages
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.websocket";
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.websocket.server";
};
 //hack end

save the file
restart lucee

Thanks Terry, I REALLY appreciate all the time and help with this.

I’ll sort the above and report back

Okay, instructions followed carefully. I updated the server.xml first, rebooted, tried it, failed. updated the catilina.policy, rebooted, tried it, failed. Each time it just displays

Object Moved

what does your application log state

test directly on lucee, does it work, if yes go to iis settings
if no, what did you miss in your setup of lucee.

in iis,
I assume you have friendly "errors " on, Turn that to off for explict details to the error.

could be
output bufferig
could be the use of the rewrite module
could be the boncode settings file
“BonCodeAJP13.settings”

It may need to be setup as

<EnableRemoteHttps>True</EnableRemoteHttps>
<EnableHTTPStatus>True</EnableHTTPStatus>

Check to make sure its using port 8009

I ran a test on it locally using http://localhost:8888/cookies.cfm it worked, kind of. It certainly does not throw the Object Moved error, although like ACF it looks like it’s worked but when you look at the output, there are cookies missing, it’s only allowing around 174 cookies (depending on the payload from the UUID values I presume, it can change), erasing the older ones and replacing with the newer ones.

I only need 69 or so cookies, so that would work, however, we I go to the domain and test it through IIS, I get that error.

This server was a clone of another server that was running IIS/ACF with the same domain with no issues. I had just cloned it, removed ACF and added Lucee, I did not change anything in IIS.

I changed error messages to Detailed errors in IIS but it still gives me the Object moved

I remarked out the CFLOCATION put the text “end” in there along with a CFABORT, but it just returns a totally empty page

Check the application.log in tomcat / lucee see what is the latest “ERROR”

when you have your output working directly on tomcat/lucee then move to troubleshooting IIS & the connector for it.

At a 69+ cookies, you are more than likely blowing over the default max header size in IIS.

• As for empty pages –
  If your headers are working correctly, then cflocation should move the request to the correct spot, which usually indicates your script did not complete or has some other error.

There is no error showing in the application.log

This does work on ACF on IIS. This is a clone of the server that it works on with ACF removed and Lucee replacing it, with no changes to IIS

Thanks, @aspirenet , for returning to share your experience.

Hi @aspirenet , could you remind us of the CFM code that you use for testing?

To test whether I can write enough cookies or not I’m using the attached, the value in the TO in the loop would just need pushing up a little for things to go wrong

cookie.cfm (2.3 KB)
displaycookies.cfm (103 Bytes)