On 24/10/2011 16:30, chad.da...@emc.com wrote:
> The specification ( servlet 2.4 ) says that the servlet session may
> be implemented via session cookie or, in the case of https, via the
> ssl mechanism. My server is only accessible via https. Does tomcat
> use the ssl mechanism in this case?
No
The specification ( servlet 2.4 ) says that the servlet session may be
implemented via session cookie or, in the case of https, via the ssl mechanism.
My server is only accessible via https. Does tomcat use the ssl mechanism in
this case? I do see the JSESSINID cookie, so as far as I can tell
