Mr. Chandler, which container are you using in this example? I've seen this same thing when using Jetty.
On Oct 22, 2013, at 10:37 AM, Lenny Primak <[email protected]> wrote: > Sounds more like something else in your web container setup is overriding > this. I don't think there is an API to even do that. > > On Oct 22, 2013, at 1:36 PM, Michael Chandler wrote: > >> Interestingly, I tried that already and it didn’t change anything. I’m led >> to believe that Shiro is somehow overriding this. >> >> From: Lenny Primak [mailto:[email protected]] >> Sent: Tuesday, October 22, 2013 10:32 AM >> To: [email protected] >> Subject: Re: DefaultWebSessionManager >> >> add this to your web.xml: >> >> <session-config> >> <session-timeout>120</session-timeout> >> <tracking-mode>COOKIE</tracking-mode> >> </session-config> >> >> >> On Oct 22, 2013, at 1:30 PM, Michael Chandler wrote: >> >> >> In using the DefaultWebSessionManager, I’m finding that Shiro is appending >> “;JSESSIONID=###” to my URLs instead of using cookies, which I thought was >> the default. The DefaultWebSessionManager constructor appears to set >> sessionIdCookieEnabled to true and set a default cookie. Nevertheless, I’m >> still seeing the JSESSIONID value in the query string, which is having a >> poor effect on my Spring MVC mappings. >> >> Does anyone have any advice on how to get around this problem? Ideally, I >> would prefer to use cookies. >> >> Mike >> >> >> The information transmitted, including attachments, is intended only for the >> person or entity to which it is addressed and may contain confidential >> and/or privileged material. Any review, retransmission, dissemination or >> other use of, or taking of any action in reliance upon this information by >> persons or entities other than the intended recipient is prohibited. If you >> received this e-mail in error, please notify the sender immediately by >> replying to the message and deleting the material from your computer. >> >
