tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Tomcat creates a cookie with a new jsessionid when timeout occurs
Date Tue, 01 Aug 2006 13:49:43 GMT
Hi there.

I have the following problem in my web application.
I am using the url rewriting method for session maintenance, but when a
timeout occurs in my web application, tomcat sets a cookie named
jsessionid (used for session tracking purposes) with a new session id
value before redirecting the user to the login page. This jsessionid
cookie value does not match the previous session id, it is a new one,
and is also different from the new one created in the (re)login

Why does this happen? Does tomcat always create a jsessionid cookie
when a timeout occurs? And if this is a tomcat issue, how do I disallow
this (if it is possible, anyway)?

Luís Amorim

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message