>From the servlet API:
"Invalidates this session then unbinds any objects bound to it."
If a browser's TomcatA session is invalidated and they return to
TomcatA, TomcatA will issue a new session ID to the browser. The session
ID represented in the cookie would no longer correspond to a know
session in TomcatA, and it would create a new session with a new session
ID.
>>> [EMAIL PROTECTED] 12/2/2004 4:55:33 PM >>>
Hello Peter Mengell,
can you please clarify what you mean by session.invalidate
alex korneyev
Thursday, December 2, 2004, 9:13:44 AM, you wrote:
> Hi,
> Are you invalidating the session from TomcatA before you redirect to
TomcatB?,
> even a redirect should be able to clear the session cookie if you've
> invalidated the session.
> We do much the same thing sometimes and don't have this problem, the
> session.invalidate seems to be the only thing we seem to be doing
> differently.
> Pete
> On Thursday 02 December 2004 15:05, Alex Korneyev wrote:
>> Hello all,
>>
>> i have sent this one before, but i am hoping someone else has
>> had this particular problem.
>> __
>>
>>
>> i am hoping someone has seen the following behavior.
>>
>>
>> TomcatA sends a redirect to TomcatB
>>
>> on the backend, I can see that TomcatB receives a JSESSIONID that
was
>> originally assigned to it by TomcatA;
>>
>> i.e. cookie = JSESSIONID=6EF95FA9AA98E608C555E28875F57054;
>>
>>
>> I rewrite reset the jsession id ( see the code bellow ), but
>>
>>
>> on the next request i see this:
>>
>> cookie = JSESSIONID=6EF95FA9AA98E608C555E28875F57054;
>> JSESSIONID=2251830F6F64DEFC974C19C79F1EABAB
>>
>> for some reason using Mozilla works, but I.E. is the one that
passes
>> 2 JSESSIONID variables. Thoughts?
>>
>> if (cookies != null && cookies.length > 0)
>> {
>> int len = cookies.length;
>> for (int i = 0; i < len; i++)
>> {
>> if
>> (cookies[i].getName().equalsIgnoreCase("jsessionid")) {
>> cookies[i].setMaxAge(-1);
>> cookies[i].setPath("/");
>> _LOGGER.debug("COOKIE VALUE
" +
>> cookies[i].getValue() ); _LOGGER.debug("session id: " +
>> request.getSession().getId() ); _LOGGER.debug(" comp" + (
>> request.getSession().getId().equals(cookies[i].getValue())));
>> if (
>> request.getSession().getId().equals(cookies[i].getValue())) {
>>
_LOGGER.debug("equal");
>>
>> response.addCookie(cookies[i]); }
>> else
>> {
>> _LOGGER.debug("not
equal");
>> Cookie sessionCookie
= new
>> Cookie("JSESSIONID", request.getSession().getId());
>>
>> response.addCookie(sessionCookie); }
>> foundCookie = true;
>> _LOGGER.debug("updated
session
>> cookie");
>>
>> }
>> }
>> }
>>
>>
>>
>>
>>
>>
>>
>>
>>
---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail:
>> [EMAIL PROTECTED]
>
---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
--
Best regards,
Alex mailto:[EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
