Hello, I'm trying to remove the JSESSIONID from my URL the first time someone hits my Tomcat Web App, but I've not been able to get it working for some reason that eludes me. This is under Tomcat 7.0.37 and Tomcat 7.0.56.
First thing I tried was to add session-config/tracking mode to my web.xml, resulting in: <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd";> <web-app xmlns="http://java.sun.com/xml/ns/javaee"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"; version="3.0"> <session-config> <tracking-mode>COOKIE</tracking-mode> </session-config> .... However, that didn't seem to have any effect, so next I setting it in the default /conf/web.xml: <session-config> <session-timeout>30</session-timeout> <!-- Disable writing the session cookie on the URL --> <tracking-mode>COOKIE</tracking-mode> </session-config> This to had no effect. I also found no error messages in the logs and didn't turn up anything helpful on Google, so I'm at a loss as to why this isn't working. On our production server, we are using mod_rewrite and Apache to strip it out of the URL, so the user never sees it, but I'm needing to do some testing on a local system and would rather not have the complication of Apache present. Some of the software running tests is getting confused by the JSESSIONID on the URL the first time it hits our login page, so it doesn't recognize the login page. Thoughts as to where I might have gone wrong? Thanks in advance. Sincerely, Stephen ---------- Stephen McCants Senior Software Engineer Healthcare Control Systems, Inc. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
