On October 23, 2018 9:19:50 PM UTC, "Robert J. Carr" <rjc...@gmail.com> wrote: >Actually, there's a small correction to my session persistence >description >from before. From the doc I referenced here: > > >https://tomcat.apache.org/tomcat-8.5-doc/config/manager.html#Special_Features > >It says: > >> Whenever Apache Tomcat is shut down normally and restarted, or when >an >application reload is triggered, the ... All such saved sessions will >then >be deserialized and activated ... > >But here's what I'm finding: > >* if the application is restarted then the session and its contents are >maintained as expected > > * if the application is undeployed and redeployed (while the server >remains running) a new session is silently generated, and any contents >disappear, but the user maintains her authentication
As expected. Redeploy (undeploy+deploy) != reload (stop+start) > > * if the server is shut down and restarted then everything seems to >disappear, as I then get a 403 when trying to access the protected page Expected behaviour here will depend on whether a server shutdown shuts down Tomcat cleanly. From your description it sounds like it does not. Mark >Again, this isn't consistent with the documentation, so not sure what >I'm >doing wrong. > >Thanks- >Robert --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
