tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <>
Subject Re: Tomcat creates a cookie with a new jsessionid when timeout occurs
Date Tue, 01 Aug 2006 16:36:07 GMT

> Hello, Christopher.
> Thanks for your reply.
> Can you please tell me how do I turn off container-managed authentication?

You need to remove any <security-constraint> elements from your web.xml

Note that the presence of any <security-constraint> elements probably
means that your application is expecting some kind of authentication.
Don't turn off logins just because you're angry that sessions are being
created ;)


View raw message