any.
> * IMPLEMENTATION NOTE: This object is not saved and
> * restored across session serializations!
> */
> private transient Principal principal = null;
>
>
> I don't know of any effort to change this behavior in Tomcat.
>
> Cheers
> -bo
If a user is logged in (by using FORM auth), and tomcat is restarted,
the "logged in" status for the user is forgotten, even though the
session and session attributes are remembered.
Apparently the status is not stored in the session (but in a HttpRequest note)?
Is this a "feature", or is there
