This is true, when I go to http://localhost:7777/ it will immediately (302) redirect me to http://localhost:777/home.html (my home page is mounted here).
AFTER that, the home page will 302 redirect me to http://localhost:777/home.html;jsessionid=xxx All the links on the home page will, after this, contain the ;jsessionid part, so clicking anywhere will pass on this token in the URL, and it will never go away. If I manually remove the token by typing in the URL http://localhost:777/home.html then it will 302 redirect me to the http://localhost:777/home.html;jsessionid=xyz URL, but the session ID will be different. This means my previous session has been lost and a new one has been created. Looking at the HTTP headers, I can see this: Set-Cookie: JSESSIONID=xyz; HttpOnly So the website definitely tries to set the session id. But when I click on any of the links, in the request headers I will not see the browser sending the JSESSIONID cookie back to the server. It looks like the browser forgot about it. There is no time duration in the header, which is correct since this is a session cookie. Btw. isn't it a problem that the cookie name is (upper case) JSESSIONID, while the URL has a (lower case) jsessionid? I'm using an AuthenticatedWebApplication, which has a getWebSessionClass() class. I could be wrong, but I think the session class instance should be created only once per session. Here, I see it is being created on every request. Also, if I write request.getCookie(JSESSIONID) it will always return null. I did some more tests, and looks like this mostly happens on Firefox. On IE and Chrome, after a few clicks, the jsessionid disappears from the URL. So what's wrong with Firefox? I'm using the latest version with default settings, why wouldn't it remember the session cookie? -- Sent from: http://apache-wicket.1842946.n4.nabble.com/Users-forum-f1842947.html --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
