When accessing pages within my web app using https, orion is rewriting url's by appending a string of type ;jsessionid=myid even though it is sending a JSESSIONID cookie that is accepted by the browser. URL's that have a query string are not rewritten. When accessing these same pages with http, no rewriting is done. I'm running orion 1.2.9. Questions: Why is url rewriting being done in https when the session cookie is sent and accepted by the browser while the same pages work fine in http? I would have expected url rewriting to be of type ?jsessionid=myid, and a reply to a similar post on 3 Aug 2000 http://www.mail-archive.com/orion-interest@orionserver.com/msg02989.html said this was a bug in orion 1.0.3 that was quickly fixed. --David.