I was able to fix it with previously suggested session-config command in web.xml Not sure why it didn't work for some people on here but it worked for me on glassfish.
> On Nov 15, 2013, at 9:01 AM, versatec <[email protected]> wrote: > > whoops, missed the part where you say the JSESSIONID is appended to url > *after *login. On glassfish it happens only when the *login page itself is > displayed* both when logout redirects to login page or when navigation > points to login page first time > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Removing-JSESSIONID-xxx-from-the-url-after-login-tp7579370p7579383.html > Sent from the Shiro User mailing list archive at Nabble.com. >
