Caldarale, Charles R wrote:
From: Zsolt Koppany [mailto:[EMAIL PROTECTED]
Subject: JSESSIONID doesn't contain the port
we have two web applications running on the same host (with
the same tomcat) but on DIFFERENT ports.
For curiosity's sake, why are you doing that?
Buf, if one tomcat application refers on URL of the second
application the browser (FF-2.0.0.14 IE-6) get a NEW a new
JSESSIONID thus the browser looses its session-id to the
first application.
I don't think that cookies are ever port-specific.
But I believe what Zsolt is trying to say, is that the cookies /name/
being the same, when one application for whatever reason decides that
this is a new session, it overwrites the JSESSIONID cookie of the other,
because its session cookie is also named JSESSIONID and comes from the
same host (which usually does make cookies specific, but not in this
case, since it is the same host). Since this (new) cookie comes from
the same host and is called the same, the browser happily overwrites the
old one. So when the user goes back later to his old session on the
other port, the browser sends the last-gotten cookie, but that's not the
one Tomcat is expecting there.
Now, maybe the issue is whether the session of one application can or
cannot be valid for the other. If they just shared a session (and a
cookie), then there would be harmony again.
André
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
