> > Our Tomcat 5.5 sends 30 cookie > > (cookie=JSESSIONID=2D79FB71207A83A09B32677B9640693E.jbprod; > > domain=null; path=/) > > Are they all identical?
No. They are ALL different (and they also differ from response to response) > > > and 900 Set-Cookie > > (header=Set-Cookie=JSESSIONID=2D79FB71207A83A09B32677B9640693E.jbprod; > > Path=/; Secure) headers in the http response header back to the > > external clients (during the initial http request/response). > > Same here: identical? No. Each of the 30 DIFFERENT session id's from above are repeated thirty times. > > > The 900 Set-Cookie headers contain each "cookie" JSESSIONID thirty > > times. > > That is crazy! How are you observing this behavior? LiveHTTPHeaders/http > protocol sniffer? Wireshark/packet sniffer? Yes it is crazy - I observed this using org.apache.catalina.valves.RequestDumperValve in my server.xml > > > If I submit the same request from my machine I get a only/as expected > > one cookie and one Set-Cookie header back in the initial response. > > Er... what do you mean "from my machine"? What are you using when you > get 900 Set-Cookie headers? "My machine" is my PC at work. The requests where a repsonse with 900 SetCookie headers is returned, are sent from PC's of our partners, which operate in one single network (and thus all have the same IP, which is the IP of the partner network's proxy server). If I use some other PC connected to the internet I have the same expected behaviour as from my PC at work. So those responses are only/exclusively produced for requests coming from PC's of our partners. markus -- GMX Download-Spiele: Preizsturz! Alle Puzzle-Spiele Deluxe über 60% billiger. http://games.entertainment.gmx.net/de/entertainment/games/download/puzzle/index.html --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
