On 04/01/2010 21:43, Ken Bowen wrote: > I'm not sure about that. Run through your test again, but this time: a) look at the html source of the responses and/or look at the URLs for the links you are clicking on before you click on them.
> Here's what seems to me to be the sequence of > events: > > Browser sends initial request http://myapp.com > Tomcat creates session and generates page for this request. > Tomcat doesn't know that Browser supports cookies, so it should > append jsessionid (but doesn't ??) Nope. The URL displayed in the address bar is the one you requested. You should also take a look at the links in the html source at this point. > Browser get's Tomcat response & display's page with address: > http://myapp.com Correct. > Browser creates JSESSIONID cookie (using info supplied by Tomcat in > response): > Cookie has contents: 4E4F86E5B779F43BCA7895B8A554FDCD > ----- > Browser makes 2nd request, for http://myapp/anotherPage. Browser must > definitely by now be stating that it supports cookies. Correct. But look at the URL for the link you click on at this point. > Tomcat prepares response, adding jsessionid (why?), Nope. Again, the URL in the address bar is the URL you requested. It is not part of the response. > the SAME > jsessionid as in the cookie: 4E4F86E5B779F43BCA7895B8A554FDCD > Browser displays response with jsessionid showing in address bar. Correct. > ---- > More interactions, but no more jsessionid's..... Correct. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org