Hi sundartri, After you invalidate the session, also delete the cookie that is tracking the session. This way you will get a new sessionId when the next time you call request.getSession(true).
In my case, I'm using JBoss 4.0.3SP1 and the cookie name is JSESSIONID. use cookie.setMaxAge(0) will delete the cookie. That should do the trick. Good Luck. Dave. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3957871#3957871 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3957871 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
