tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pid <>
Subject Re: Tomcat 7 applet session problem
Date Wed, 06 Jul 2011 21:18:11 GMT
On 06/07/2011 21:54, S Arvind wrote:
> Hi All,
>          Web application presently running in the tomcat 6 which has applet
> in it. In that applet we make a connection to server using URL class and get
> some data from the server after it loads. In this process we got error after
> updating to the tomcat 7. The problem is the session between the web
> application and the applet varies which runs in the same browser tab. Dont
> know why in tomcat 7 the applet request was considered as separate session
> but instead in tomcat 6 bot are considered as same session request. Is there
> any configuration changes for it?

Tomcat 7.0.x and later versions of 6.0.x change the session id after
authentication*.  You can't rely on the session id remaining the same,
the applet will need to check for session id changes in the cookie (or url).


* In order to prevent some session hijacking attacks

View raw message