I'm guessing the reason its in the spec is so that hardware load balancers can map sessions back to the originating machine.
George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 > -----Original Message----- > From: Stefan Bethke [mailto:[EMAIL PROTECTED] > Sent: Friday, November 11, 2005 3:19 AM > To: users@tomcat.apache.org > Subject: Why can the JSESSIONID name not be changed? > > Hi, > > I hope this is the right list to ask; if not, please direct me to a > better place... > > We're currently integrating a couple of web sites under a single > domain. Some of the sites run on separate Tomcats, others use PHP, > Perl or a number of proprietary systems. We believe that having > multiple containers use the same session cookie will lead to problems. > > So we assumed that we could just configure each container to use a > separate cookie. However, the specification points out in section > SRV.7.1.1SRV.7.1.1 that "[t]he name of the session tracking cookie > must be JSESSIONID." > > I'd like to understand the rationale for this requirement. If the > container manages the session, why would an application care about > the actual mechanism used to track the session? Why can this not be > made configurable? > > > Thanks, > Stefan > > -- > Stefan Bethke <[EMAIL PROTECTED]> > Tallence GmbH, Baumwall 3, D-20459 Hamburg, Germany > Mobile +49 170 3460140, Office +49 40 360935-0, Fax +49 40 360935-10 > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
