Return-Path: Delivered-To: apmail-tomcat-dev-archive@www.apache.org Received: (qmail 59315 invoked from network); 4 Feb 2008 19:13:31 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 4 Feb 2008 19:13:31 -0000 Received: (qmail 90460 invoked by uid 500); 4 Feb 2008 19:13:20 -0000 Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org Received: (qmail 90437 invoked by uid 500); 4 Feb 2008 19:13:20 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 90426 invoked by uid 500); 4 Feb 2008 19:13:20 -0000 Delivered-To: apmail-jakarta-tomcat-dev@jakarta.apache.org Received: (qmail 90423 invoked by uid 99); 4 Feb 2008 19:13:20 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 04 Feb 2008 11:13:20 -0800 X-ASF-Spam-Status: No, hits=-100.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO brutus.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 04 Feb 2008 19:13:00 +0000 Received: by brutus.apache.org (Postfix, from userid 33) id B50B4714072; Mon, 4 Feb 2008 11:13:07 -0800 (PST) From: bugzilla@apache.org To: tomcat-dev@jakarta.apache.org Subject: DO NOT REPLY [Bug 44354] New: - cookies=false not honored when jsessionid comes from a cookie Message-ID: X-Bugzilla-Reason: AssignedTo Date: Mon, 4 Feb 2008 11:13:07 -0800 (PST) X-Virus-Checked: Checked by ClamAV on apache.org DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG� RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND� INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=44354 Summary: cookies=false not honored when jsessionid comes from a cookie Product: Tomcat 5 Version: 5.5.25 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Catalina AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: samkwitty@yahoo.com CC: samkwitty@yahoo.com setting cookies=false in the context does not work if the session comes from a cookie. Here is the scenario: 1. Start tomcat with cookies=true. 2. Connect to this tomcat and cookies will be used to store session info. 3. change cookies=false and restart tomcat 4. Connect again using the same user and browser as in #2 note that cookies are still being used. --> This is the bug (should use URL-Rewrite) 5. connect using a new user/browser and URL rewrite is used. If cookes=false is set then URL rewrite should always be used (and the session should not be stored in a cookie) regardless of where the initial session id came from. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org For additional commands, e-mail: dev-help@tomcat.apache.org