> The behaviour is configurable. Set the changeSessionIdOnAuthentication > attribute to false on the FORM authenticator valve
Hm, ok. I do not use tomcat's auth mechanisms. I use spring security. Something must have changed between TC 6.0 and 7.0. And I have no idea what... --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
