On 15/01/2011 09:59, [email protected] wrote: >> The behaviour is configurable. Set the changeSessionIdOnAuthentication >> attribute to false on the FORM authenticator valve > > Hm, ok. I do not use tomcat's auth mechanisms. I use spring security. > Something must have changed between TC 6.0 and 7.0. And I have no idea > what...
As has already been explained, the session ID changes on authentication. This is listed in the change log. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
