tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 51631] Bug in the Session Fixation Protection Feature
Date Mon, 08 Aug 2011 10:53:47 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=51631

--- Comment #6 from Mark Thomas <markt@apache.org> 2011-08-08 10:53:47 UTC ---
I think you need to re=read my previous response.

The Tomcat Manager application does exactly this and it works. I confirmed that
a simple test application also works as expected.

The session is not removed / deleted / destroyed. The only change is that the
session ID is modified.

This is an application issue and you need to use the users mailing list to get
help.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message