-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Markus,
Markus Reis wrote:
> I added a HttpSessionListener to my web.xml, which only makes a
> System.out.println("session created | destroyed") whenever one of those
> events occurs and found out that before NewSession Servlet (remember the url
> I call is http://localhost:48080/webAntWeb/NewSession?...) is entered I see
> the following sequence
> "Session created"
> "Session destroyed"
> as often as "number of cookie headers"-1 and at the end there's one
> "Session created"
> which is then used in the following conversation's requests.
Really? So, given a fresh TC startup and a browser with no cookies, a
single request results in /many/ "Session created/session destroyed"
messages on your console?
That's bad.
That suggests to me that you have some code that is repeatedly
invalidating the session and then creating another one. If that's the
case, it's no wonder you are getting so many Set-Cookie headers.
Try this:
Write a filter that wraps the HttpServletResponde object with an
HttpServletResponseWrapper object that you customize. Override the
addCookie method like this:
public void addCookie(Cookie c)
{
super.addCookie(c);
new Throwable("Created Cookie").printStackTrace();
}
This will emit a stack trace whenever code adds a cookie to the
response. Try this with a small number of request parameters ;)
Look to see where all the addCookie headers are coming from. They'll
probably be coming from Tomcat's internal code, but you should look
further up the stack to see if it's in your code. Maybe a filter. Maybe
a servlet. Check those places in the code. They may be killing the
current session and re-creating it inappropriately.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkkcXtIACgkQ9CaO5/Lv0PDItgCdG79ifx/CUjwsjSKkPFhGWfpP
yQ8Anjho2cO17oV28v79q8PDfTomrkfu
=/6D+
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
