Hi,Yes, you are right, CXF is used only as a client and JSESSIONID seems to be set indeed by the HttpSession.However, what I find strange is that even if I try to disable it manually at web-service level by using: Client wsClient = ClientProxy.getClient(proxyObject); wsClient.getRequestContext().put(Message.MAINTAIN_SESSION, false);the JSESSIONID is still passed.Now if CXF gives the possibility to say if you want to maintain or not the session I think it should really behave like that.If I run any CXF client in an Applet and I try to disable the JSESSIONID like I mentioned above, it is not working.Do you have any suggestion on how I can manually invalidate the HttpSession used by CXF behind?
-- View this message in context: http://cxf.547215.n5.nabble.com/can-t-disable-session-support-JSESSIONID-is-always-created-tp5759638p5759663.html Sent from the cxf-user mailing list archive at Nabble.com.
