On Mon, 2013-01-21 at 14:33 -0600, José Luis Cetina wrote:
> If i remember this is the default behavior starting from Tomcat 6.0.x the
> "name" is Session Fixation Protection. i remember if you dont want
> this behavior you have to set to false the changeSessionIdOnAuthentication
> attribue.
Thanks. That resolves the issue. When I add the Valve directive below
to context.xml, the application works as expected.
<Valve className="org.apache.catalina.authenticator.FormAuthenticator"
changeSessionIdOnAuthentication="false"/>
--
William J. Eaton, [email protected] (713) 202-1620
LifeFormulae, LLC
9119 Highway 6 South #228
Missouri City, TX 77459
