Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Cookie conflict in IAC prgateway app when CookieHandler used



When an IAC prgateway.war application is deployed in the same JVM as another J2EE application, and a user logs into for the first time, screen displays details that does not belong to that login user. 

Error Messages

Not Applicable.

Steps to Reproduce

  1. Login to web portal.
  2. Click on link that launches IAC Gadget.
  3. Notice the rendered page that some of the info does not belong to that logged in user.

Root Cause

A defect or configuration issue in the operating environment. CookieHandler is a JVM wide setting.
Irrespective of which application sets it, it impacts all the applications deployed in that JVM.
When CookieHandler is set, it keeps track of all cookies for each unique RequestURI. This cookie handler sets cookies from previous calls to the new outbound HttpURLConnections, which is retrieved by backend Pega application, causing unexpected results. 


Make the one of following changes to the operating environment: 

Move the prgateway application to a JVM that does not have CookieHandler set.
Remove CookieHandler set code from the other application that is deployed in same JVM as prgateway application.


Suggest Edit

Published January 31, 2016 - Updated October 8, 2020

Did you find this content helpful? Yes No

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us