Drools reports HTTP 500 error - An invalid character [34] was present in the Cookie value

Symptoms

When using the Drools page from the TAC menu it gives an error.

  • Type: Exception Report
  • Message: An invalid character [34] was present in the Cookie value
  • Description: The server encountered an unexpected condition that prevented it from fulfilling the request.

    Exception 
    java.lang.IllegalArgumentException: An invalid character [34] was present in the Cookie value 
    org.apache.tomcat.util.http.Rfc6265CookieProcessor.validateCookieValue(Rfc6265CookieProcessor.java:182) 
    org.apache.tomcat.util.http.Rfc6265CookieProcessor.generateHeader(Rfc6265CookieProcessor.java:115) 
    org.apache.catalina.connector.Response.generateCookieString(Response.java:1019) 
    org.apache.catalina.connector.Response.addCookie(Response.java:967) 
    org.apache.catalina.connector.ResponseFacade.addCookie(ResponseFacade.java:386) 
    org.uberfire.ext.security.server.SecurityIntegrationFilter.doFilter(SecurityIntegrationFilter.java:61) 

 

Diagnosis

This is due to Tomcat's cookie processing being changed to an RFC 6265-compliant implementation by default in 8.5, which does not allow the space character (character 34), among others. As a workaround, you can configure Tomcat to use the legacy cookie processor.

 

According to official docs at Apache Tomcat 8 Configuration Reference Version 8.5.24, the standard implementation of CookieProcessor is org.apache.tomcat.util.http.Rfc6265CookieProcessor.

 

Solution

To resolve this issue, add this line in conf/context.xml at location %CATALINA_HOME% (for example, C:\apache-tomcat-8.5.20\conf\context.xml). The location could be different depending on your install path.

<CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor" />

This is how it looks like after adding the line:

<?xml version="1.0" encoding="UTF-8"?>
<Context reloadable="true">
<WatchedResource>WEB-INF/web.xml</WatchedResource>
<WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
<Transaction factory="bitronix.tm.BitronixUserTransactionObjectFactory"/>
<CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor" />
</Context>
Version history
Revision #:
4 of 4
Last update:
‎12-18-2017 01:03 PM
Updated by: