tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 45255] support disable jsessionid from url against session fixation attacks
Date Fri, 04 Jun 2010 12:51:42 GMT

--- Comment #28 from Arvind Srinivasan <> 2010-06-04 08:51:33 EDT ---
Should changing the session id of an existing session object be treated the
same as creating a new session i.e. should the session creation listeners be
invokes setId() which in turn invokes the session creation listeners in

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message