-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Richard,
kennardconsulting wrote: > ...does Tomcat do something clever, like checking the User-Agent, before > agreeing to hook into the existing '123' session? No. Tomcat will append the jsessionid parameter if the client has not yet proven that Cookies will be sent back to the server. Usually, this happens on the response to the first request, but not after any cookie has had a round-trip to the client back to the server. > If I log in using, say, Firefox and note the jsessionid, then open a new > Firefox and paste in a URL like the one above it works as expected. But if I > open IE and paste the same URL it doesn't work? What do you mean "doesn't work"? You don't get the same session (you should)? Or, you get the same session, but further URLs don't contain the jsessionid parameter? If the latter is the case, then IE is simply sending a cookie to Tomcat and therefore Tomcat knows that the session id can be managed with a cookie and URL rewriting doesn't have to be done. > Does the URL rewriting check the User Agent? Can I turn this off? \No user agent checking, so there's nothing to disable. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkkbMzsACgkQ9CaO5/Lv0PDrPgCfbRThbmXP8KrbcyNlZbBKGqSS TE8AoKpnnFHXUrHh7NL5aKG25CMtq7+O =e1BJ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
