tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Luis.Amo...@alcatel.pt
Subject Tomcat creates a cookie with a new jsessionid when timeout occurs
Date Tue, 01 Aug 2006 13:49:43 GMT
Hi there.

I have the following problem in my web application.
I am using the url rewriting method for session maintenance, but when a
timeout occurs in my web application, tomcat sets a cookie named
jsessionid (used for session tracking purposes) with a new session id
value before redirecting the user to the login page. This jsessionid
cookie value does not match the previous session id, it is a new one,
and is also different from the new one created in the (re)login
process.

Why does this happen? Does tomcat always create a jsessionid cookie
when a timeout occurs? And if this is a tomcat issue, how do I disallow
this (if it is possible, anyway)?

Regards,
Luís Amorim


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message