Vaadin 7 deploy to tomcat 7 error with cookies


i’m new to vaadin and am currently developing a web app in vaadin for the first time. Thing is, i have a problem when i deploy to a live tomcat 7 server, even with a standard app. To illustrate the error, here is the link for the demo page and you can see the error:

That application is created when you create a new vaadin 7 app with the vaadin addon for eclipse, and it works on 2 servers. It’s strange cause the application doesnt require any kind of session or cookie and you will get the message “cookies disabled”. Can anyone please help? I have been struggling with this for a week and i can’t find any answers for this


please see
for a possible solution.


Hello There,

I am just making assumptions, I believe you have disabled cookies at Server Level. To check if this is the cause please open the file under ${CATALINA_HOME}/Conf/context.xml and check if
attribute under
tag is set to true. If set to false then turn it to true. If you do not wish to turn it to true due to other applications running in the same Server, then Create file called context.xml folder under ${APP_HOME}/META-INF/context.xml(In eclipse WebContent/META-INF) and copy the following snippet in to it.

This are default contents from my local context.xml file


<!-- Default set of monitored resources -->

<!-- Uncomment this to disable session persistence across Tomcat restarts -->
<Manager pathname="" />

<!-- Uncomment this to enable Comet connection tacking (provides events
     on session expiration as well as webapp lifecycle) -->
<Valve className="org.apache.catalina.valves.CometConnectionManagerValve" />
[/code]Pls let me know if this doesnt solve the issue. Also, Check the link [b] Teppo Kurki [/b] as posted, it may be of some help.


Hi all,

First of all, thank you for the reply you guys have provided, you are trully awesome for making time to answer!

I have come across what
Krishna Phani Kumar Kotari
mentioned before. The snippet you have is the one by default on the server i am working on. This server belongs to my internship company so i cannot change the context.xml, however i tried to create the context.xml within my project with the snippet plus the useHttpOnly=“true”, and didn’t have success (as you can see in the link).
I am convinced that probably the problem comes from the server side in a way, but i cannot prove it and the company just doesn’t care (since its just a curricular internship project).

Thank you for your time,
Jorge Pinto

Hello There,

What is the version of tomcat you are using?

And secondly, where did you create context.xml?
If you are using eclipse create it under ${PROJECT_ROOT}/WebContent/META-INF if you are using any build tool to create a war ensure that you have the file under ${WAR_ROOT}/META_INF and please try this by removing attribute

Also, Please reload your application after making these changes.


The version of tomcat i am using is the Tomcat 7.0.52

The IDE i use is Eclipse Kepler with Vaadin addon. I placed the context.xml in the ${PROJECT_ROOT}/WebContent/META-INF just like suggested, and confirmed it’s existence after deploy on the server. Tried with the useHttpOnly and without it, without success.
For further information, when i ask eclipse to create the war file, i use the option “optimize for a specific server runtime” and use the Tomcat 7 server runtime

Thanks for you time,
Jorge Pinto


I just looked at your demo app with FireBug’s cookie tab. It shows that indeed the HttpOnly is enabled for the cookie, so that definitely seems to be your problem. Unfortunately I don’t know if/how you can change that for a specific deployment.

It’s a big help Teppo Kurki! I’ll try to research if i can change it for a specific deployment, or else i’ll try to explain the situation to the company on the matter.

Thank you for your time,
Jorge Pinto

After a long argument, the company changed the server configurations according to what you guys proposed, problem solved. i thank you.

I am having this issue now, and need some help to get it resolved. In my context.xml for the server I do not either the cookies or useHttpOnly flags listed or set. I modified the application confriguration file in in /conf/Catalinia/localhost/.xml, so that the context line reads as follows , but that did not seem to work. So I have some question.

  1. What do I actually need to change? Do I need both the cookies and useHttpOnly flags? What should their values be?
  2. Can I make the change in the .xml file or does it need to made in the context.xml file? Can I make it elsewhere? (I do not have a context.xml under my WEB-INF directory, but I do have a web.xml file.)
  3. Is a restart of the tomcat server required for this change to take effect?

Thank you

Okay, some additional information. I have another system that I use for test/QA and that one works. The same basic Vaadin code. Both servers are running Tomcat 7 (not sure about the minor version numbers). The only difference is that one that does not work is Windows and the one that does work is Linux.

I was getting the “Cookies disabled” error on a Vaadin app running on a tomcat server. The reason was that my web.xml only allows HTTPS access, but the URL started with http://. When I manually changed it to https://, it worked! Now I need to figure out why my tomcat didn’t automatically redirect http URLs to https (as it should and as it did in the past).