It's kind of hard to fight the specification in the long run. I would think the language would need to be loosened up from MUST. The specification could suggest the use JSESSIONID by default, which would be supported by Tomcat; yet still allow it to be configurable. Not sure I understand why it would be so problematic for proxies and looking at the code base it would be a trivial change. Is this matter still a candidate for and enhancement request so we can put it to a vote?
On Wed, Sep 24, 2008 at 10:53 AM, Mark Thomas <[EMAIL PROTECTED]> wrote: > Remy Maucherat wrote: >> On Wed, 2008-09-24 at 14:52 +0100, Mark Thomas wrote: >>> The 3.0 servlet spec mentions this (ie Tomcat 7) but there is nothing to >>> stop this being added to 6.0.x >> >> I am not aware of such a proposal in Servlet 3.0 (session cookie >> configuration and tracking coinfig, but no config for the cookie name or >> URL parameter name). > It is in section 7.1.1 of the 3.0 early draft. It only applies to the > cookie name. Making the url parameter configurable would be non-spec > complaint but I don't see a good reason not to allow it if users have a > requirement for it. > >> Esp making this configuration per context would a >> problem to manage, so -1 for that. > I don't see why. Looking at the code, this would be really simple. At least > wait until there is a proposed patch before trying to veto it. > >> The fixed names are labelled as "MUST" in the sepc. OTOH, I had to >> accept a hidden system property for specific customers because of >> Weblo :( Definitely this is a showcase for bad policies of big >> proprietary vendors, and their bad consequences. > That depends if the customers had a genuine requirement to change the name > (not that I can think of one of hand). If they did then it is more the spec > not keeping pace with user requirements. Tomcat has a couple of non-spec > compliant configuration options as well. > > Mark > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]