I saw another problem that had similar symptoms to duplicate session ID's. My application was getting collisions between different users having the same session ID using tomcat 4.0.5. I found that the request headers were not being cleared out when they were recycled so that cookies from a current request were added to the cookies on the previous request. Since only the first JSESSIONID cookie is used to obtain the session id both users ended up with the same session id. I solved this in my application by using rewritten URLs instead of cookies. I was unable to find a bug in examining the tomcat code. I did not check the mod_jk code.
Steve __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
