-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Rahul,
On 7/21/15 6:38 AM, Rahul Kumar Singh wrote: > “;jsessionid=C1A67FB90E1300DF14EE027A3634A34B” passed in URL > "localhost:8080/login.jsp;jsessionid=C1A67FB90E1300DF14EE027A3634A34B" > > is not received in tomcat 6(V6.0.28). It is received in tomcat > 7(V7.0.54). What is reason for the different behavior? I'm not sure why the change in behavior, but when a client requests a protected resource, the container has to redirect that client to the login page. Before the redirect, a session is created to hold the saved-request to the originally-requested protected resource. This session id needs to be preserved. If the container can't tell if the client supports cookie-based session tracking, it must encode the session id in the login URL just in case. You'll find that, if you use a browser with cookies enabled, after the login page there will be no jsessionid path parameters in your URLs. Is the presence of the jsessionid path parameter a problem for you? (And at this point, it's really a good idea to start planning your upgrade path to Tomcat 8, which is quite reliable and stable. Tomcat 6 will EOL 2016-12-31: http://tomcat.apache.org/tomcat-60-eol.html) - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVrmJmAAoJEBzwKT+lPKRYhZ4P/0CcVBy4y8S4uXbgc/0ClZ3Z nD5IBoCei2B3Nek1ioK9gTKpvC+ft0XmQ8ZSoqLKKaz8yuBR8S4Ghts6XzTKogSL LKLm/WBoNlVw9WcD22HyiVx614irOWow1Z/kuWOHywxC1D+D9YGgN+I85xdc0ubo gV/7831REdUZdBM0m9D58p/LBZn57cBC79/MPFNOY+jgh2vRuvTjQ2wugH1F4GMi ll3Oj7DivwusVH5NBzR1kdr+8doM8IRTqpPJIXhptTlyZwCvo9BcdgQgapbAG0Ds mn3DKBSfiAbxXt64syerLyZWsU0kHWu9nMFaglprFSN+enGXZIDOsi1VxhUbms+A 9n3mFJn4oXNnQ4dIy6V2ZKmRNiMYspSqeVh0qNb34qZYqfQHTjV2e7MYU+cwBk44 qy77vB2FAiwrAu73bF/E0U+aw6PrvjX/S2/6hfN6rePh7+nwX2cYrEGMHd57rUQA OZWaJZ5YQAuguglkKQy7Kz6i7zpUy8IA0oKd7fEYweMBb8TxpxO9sck1UgRRu/Xl SvUGShSVgOSGqR22mHzIawmCiPacDQBg/c3IdqkegRhMnOuLnkM8s08/oeNRazSC ZLi8Ano7Yy97Mc064yKFn5pwFWSLCYN3p4brHkNrv49rulp5CUSU3jRZTdVCBueh MG41DNmnywwNsl4yaJBG =Ieud -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
