Hi,
I hope this is the right list to ask; if not, please direct me to a
better place...
We're currently integrating a couple of web sites under a single
domain. Some of the sites run on separate Tomcats, others use PHP,
Perl or a number of proprietary systems. We believe that having
multiple containers use the same session cookie will lead to problems.
So we assumed that we could just configure each container to use a
separate cookie. However, the specification points out in section
SRV.7.1.1SRV.7.1.1 that "[t]he name of the session tracking cookie
must be JSESSIONID."
I'd like to understand the rationale for this requirement. If the
container manages the session, why would an application care about
the actual mechanism used to track the session? Why can this not be
made configurable?
Thanks,
Stefan
--
Stefan Bethke <[EMAIL PROTECTED]>
Tallence GmbH, Baumwall 3, D-20459 Hamburg, Germany
Mobile +49 170 3460140, Office +49 40 360935-0, Fax +49 40 360935-10
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
