Hi,
I use TOMCAT 3.2
I tried to invalidate a session by calling HttpSession session.invalidate()
The session is not really invalidated. If the user clicks he does not get the same
sessionId (with request.getSession(false)) as before the invalidate() call:
but he gets a session with another sessionId: somehow the invalidate() routine creates
a new cookie with another sessionId. Strange is that I never created this sessionId
before.
Does anybody know about this?
Axel Lannion/France
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
