Spent sometime in the debugger and it is Shiro that is appending the JSESSIONID
on a redirect if the session cookie hasn't been set yet.
So, now I'm off to figure out how to turn it off in Shiro.
Thanks again for your help!
Sincerely,
Stephen McCants
On Wed, 19 Nov 2014 01:51:53 +0300
Konstant
2014-11-19 0:53 GMT+03:00 Konstantin Kolinko :
> 2014-11-19 0:21 GMT+03:00 Stephen McCants :
>> Hello Konstantin Kolinko,
>>
>> I fixed my dumb web.xml schema declaration. Thanks for pointing that out.
>>
>> I also added the COOKIE tracking mode to the example servlet and it worked
>> there (the
2014-11-19 0:21 GMT+03:00 Stephen McCants :
> Hello Konstantin Kolinko,
>
> I fixed my dumb web.xml schema declaration. Thanks for pointing that out.
>
> I also added the COOKIE tracking mode to the example servlet and it worked
> there (the URL encoded link did not contain the JSESSIONID).
>
> S
Hello Konstantin Kolinko,
I fixed my dumb web.xml schema declaration. Thanks for pointing that out.
I also added the COOKIE tracking mode to the example servlet and it worked
there (the URL encoded link did not contain the JSESSIONID).
So, next I turned on logEffectiveWebXml="true" and verifie
2014-11-18 2:49 GMT+03:00 Stephen McCants :
> Hello,
>
> I'm trying to remove the JSESSIONID from my URL the first time someone hits
> my Tomcat Web App, but I've not been able to get it working for some
> reason that eludes me. This is under Tomcat 7.0.37 and Tomcat 7.0.56.
>
> First thing I tri
Hello,
I'm trying to remove the JSESSIONID from my URL the first time someone hits my
Tomcat Web App, but I've not been able to get it working for some
reason that eludes me. This is under Tomcat 7.0.37 and Tomcat 7.0.56.
First thing I tried was to add session-config/tracking mode to my web.xml
