Make sure you are using version "3.0" of the web.xml namespace. Not sure that tag gets used if you are using the older servlet specification.
On Tue, Oct 22, 2013 at 1:42 PM, Michael Chandler < [email protected]> wrote: > I’m using Tomcat 7.**** > > ** ** > > *From:* M.C. Wilson [mailto:[email protected]] > *Sent:* Tuesday, October 22, 2013 10:40 AM > > *To:* [email protected] > *Subject:* Re: DefaultWebSessionManager**** > > ** ** > > Mr. Chandler, which container are you using in this example? I've seen > this same thing when using Jetty.**** > > ** ** > > On Oct 22, 2013, at 10:37 AM, Lenny Primak <[email protected]> wrote: > **** > > > > **** > > Sounds more like something else in your web container setup is overriding > this. I don't think there is an API to even do that.**** > > ** ** > > On Oct 22, 2013, at 1:36 PM, Michael Chandler wrote:**** > > > > **** > > Interestingly, I tried that already and it didn’t change anything. I’m > led to believe that Shiro is somehow overriding this.**** > > **** > > *From:* Lenny Primak [mailto:[email protected]] > *Sent:* Tuesday, October 22, 2013 10:32 AM > *To:* [email protected] > *Subject:* Re: DefaultWebSessionManager**** > > **** > > add this to your web.xml:**** > > **** > > <session-config>**** > > <session-timeout>120</session-timeout>**** > > <tracking-mode>COOKIE</tracking-mode>**** > > </session-config>**** > > **** > > **** > > On Oct 22, 2013, at 1:30 PM, Michael Chandler wrote:**** > > > > > **** > > In using the DefaultWebSessionManager, I’m finding that Shiro is appending > “;JSESSIONID=###” to my URLs instead of using cookies, which I thought was > the default. The DefaultWebSessionManager constructor appears to set > sessionIdCookieEnabled to true and set a default cookie. Nevertheless, I’m > still seeing the JSESSIONID value in the query string, which is having a > poor effect on my Spring MVC mappings.**** > > **** > > Does anyone have any advice on how to get around this problem? Ideally, I > would prefer to use cookies.**** > > **** > > Mike**** > > **** > > > The information transmitted, including attachments, is intended only for > the person or entity to which it is addressed and may contain confidential > and/or privileged material. Any review, retransmission, dissemination or > other use of, or taking of any action in reliance upon this information by > persons or entities other than the intended recipient is prohibited. If you > received this e-mail in error, please notify the sender immediately by > replying to the message and deleting the material from your computer.**** > > **** > > ** ** > > ** ** >
