[
https://issues.apache.org/jira/browse/SHIRO-361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14217285#comment-14217285
]
Stephen McCants commented on SHIRO-361:
---------------------------------------
Tomcat has ways to disable the appending of the JSESSIONID to the URL. I
assume most other Servlet Containers do as well. It would be nice if Shiro
respected the Servlet Container's setting. Would that be possible or is that
information not accessible?
> HttpServletResponse.encodeURL: only append JSESSIONID when necessary
> --------------------------------------------------------------------
>
> Key: SHIRO-361
> URL: https://issues.apache.org/jira/browse/SHIRO-361
> Project: Shiro
> Issue Type: Improvement
> Components: Web
> Reporter: Les Hazlewood
> Fix For: 1.3.0
>
>
> The JSESSIONID only needs to be added to the URL when cookies are disabled.
> Ideally, this would be resolved via SHIRO-360.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
