-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Konstantin,
On 7/14/2011 10:53 AM, Christopher Schultz wrote:
On 7/14/2011 10:40 AM, Konstantin Kolinko wrote:
I cannot say without reading the letter of the spec.
I'll take a look.
Servlet 3.0 section 14.4.10 is the only place I can see that
age isn't updated to reflect the current
state of the session.
-Original Message-
From: Konstantin Kolinko [mailto:knst.koli...@gmail.com]
Sent: Wednesday, July 13, 2011 8:55 PM
To: Tomcat Users List
Subject: Re: Session cookie max age
2011/7/14 Josh Simmons josh.simm...@colinx.com
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Konstantin,
On 7/13/2011 8:54 PM, Konstantin Kolinko wrote:
AFAIK, 1) Tomcat won't send Set-Cookie when session id is already
known (either from this webapp or from webapp on its parent path
such as ROOT).
That would sound like a bug. If the
2011/7/14 Christopher Schultz ch...@christopherschultz.net:
Konstantin,
On 7/13/2011 8:54 PM, Konstantin Kolinko wrote:
AFAIK, 1) Tomcat won't send Set-Cookie when session id is already
known (either from this webapp or from webapp on its parent path
such as ROOT).
That would sound like
On 14/07/2011 15:27, Christopher Schultz wrote:
Konstantin,
On 7/13/2011 8:54 PM, Konstantin Kolinko wrote:
AFAIK, 1) Tomcat won't send Set-Cookie when session id is already
known (either from this webapp or from webapp on its parent path
such as ROOT).
That would sound like a bug. If
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Konstantin,
On 7/14/2011 10:40 AM, Konstantin Kolinko wrote:
2011/7/14 Christopher Schultz ch...@christopherschultz.net:
Konstantin,
On 7/13/2011 8:54 PM, Konstantin Kolinko wrote:
AFAIK, 1) Tomcat won't send Set-Cookie when session id is
Konstantin Kolinko wrote:
...
1) Updating it with every response sounds lame.
2) max-age value should be consistent between all web applications
that might share the session cookie.
Otherwise there will be inconsistencies and breakages.
Are you not confusing max-age with last access ?
The
On 14/07/2011 15:54, André Warnier wrote:
Konstantin Kolinko wrote:
...
1) Updating it with every response sounds lame.
2) max-age value should be consistent between all web applications
that might share the session cookie.
Otherwise there will be inconsistencies and breakages.
Are you
Hello,
We have recently upgraded our tomcats to Tomcat7 in order to gain the new
exposure to the configuration of the session cookie, namely the max age
property. I had tried reading posts about getting it to work with tomcat6 but
writing multiple cookies to the request caused problems for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Josh,
On 7/13/2011 2:14 PM, Josh Simmons wrote:
We tried to set the cookie max age to 3 hours, the exact same time as
our session timeout.
So, this is a non-session cookie?
However, I was extremely surprised that the session cookie didn't
get
[mailto:ch...@christopherschultz.net]
Sent: Wednesday, July 13, 2011 3:01 PM
To: Tomcat Users List
Subject: Re: Session cookie max age
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Josh,
On 7/13/2011 2:14 PM, Josh Simmons wrote:
We tried to set the cookie max age to 3 hours, the exact same time
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Josh,
On 7/13/2011 5:15 PM, Josh Simmons wrote:
I was afraid I wasn't being specific enough - sorry.
session-config session-timeout180/session-timeout
cookie-config max-age 10800 /max-age /cookie-config
/session-config
Can you post your
: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: Wednesday, July 13, 2011 5:43 PM
To: Tomcat Users List
Subject: Re: Session cookie max age
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Josh,
On 7/13/2011 5:15 PM, Josh Simmons wrote:
I was afraid I wasn't being specific enough
2011/7/14 Josh Simmons josh.simm...@colinx.com:
Our web.xml file minus listeners and servlet config. I also removed some
taglib definitions.
?xml version=1.0 encoding=ISO-8859-1?
!DOCTYPE web-app
PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.3//EN
14 matches
Mail list logo