I deployed a Spring boot application in a Weblogic Server with other apps running under the same domain. Suppose that I visit my web application and I keep it open in one tab, and then I open a different app of the same domain in a second tab. Then if I switch to my first tab, my endpoints are returning ERROR 500 because the session is null.
I found that the problem is the cookie JSESSIONID, which is overwritten when I open a new app, and then my application backend throws the error.
So I want to ask, what is the best solution to this problem, without bringing up security issues.
The solution is to set a different cookie name for each web app. To update the cookie used by WebLogic for session afinity change your weblogic.xml file as below :
<session-descriptor>
<cookie-name>[YOUR JSESSIONID NAME]</cookie-name>
<cookie-domain>[YOUR COOKIE DOMAIN]</cookie-domain>
</session-descriptor>
Read this documentation for details.