> From: Jonathan Kushner [mailto:JKushner@npr.org]
> Subject: Tomcat 5.5.2 Configurations for JSESSION ID Cookie Append
If you're really running on 5.5.2, you need to move up - ASAP. Lots and lots of fixes, including
security-related ones, have gone in since that version was released over four years ago.
> I'm working with a current session identity issue between
> separate browser instances, and have decided that the most
> plausible solution is to reconfigure tomcat to auto-append
> the JSESSION ID at the end of each URL.
You will at least need to disable cookies:
http://tomcat.apache.org/tomcat-5.5-doc/config/context.html%20Attributes
Beyond that, I'm not aware of any automatic way of appending JSESSIONID; your webapp has to
participate. Look at this message for one such technique:
http://marc.info/?l=tomcat-user&m=117583468505179&w=2
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus
for use only by the intended recipient. If you received this in error, please contact the
sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
|