tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 51631] Bug in the Session Fixation Protection Feature
Date Mon, 08 Aug 2011 10:53:47 GMT

--- Comment #6 from Mark Thomas <> 2011-08-08 10:53:47 UTC ---
I think you need to re=read my previous response.

The Tomcat Manager application does exactly this and it works. I confirmed that
a simple test application also works as expected.

The session is not removed / deleted / destroyed. The only change is that the
session ID is modified.

This is an application issue and you need to use the users mailing list to get

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message