> From: Jonathan Kushner [mailto:[EMAIL PROTECTED] > Subject: Tomcat 5.5.2 Configurations for JSESSION ID Cookie Append
If you're really running on 5.5.2, you need to move up - ASAP. Lots and lots of fixes, including security-related ones, have gone in since that version was released over four years ago. > I'm working with a current session identity issue between > separate browser instances, and have decided that the most > plausible solution is to reconfigure tomcat to auto-append > the JSESSION ID at the end of each URL. You will at least need to disable cookies: http://tomcat.apache.org/tomcat-5.5-doc/config/context.html%20Attributes Beyond that, I'm not aware of any automatic way of appending JSESSIONID; your webapp has to participate. Look at this message for one such technique: http://marc.info/?l=tomcat-user&m=117583468505179&w=2 - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
