@Tim : Thank you for your answer. > [Tim wrote:] "Uncertain" is a bit vague. Yes. Ok. This is my understanding which is "uncertain" then. What happens is what you wrote: "a new session for the user with _none_ of the objects from the old session in it".
> [Tim wrote:] If every page in the web app is supposed to require > authentication you need to declare that in web.xml. Can you tell me how? > [Tim wrote:] I'm assuming (perhaps incorrectly) you've already got some > declaration in there for form authentication? What are you thinking about? Can you be more precise? I guess I should have examined this issue sooner but things are the way they are, aren't they? Thank you and best regards, -- Léa -- View this message in context: http://old.nabble.com/Session-expiration---browser--Web-application-tp32780678p32781413.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
