-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Jose,
On 2/28/13 2:43 AM, Jose María Zaragoza wrote: > I've seen in my web browser that it has got 2 JSESSIONID for the > same domain at the same time > > > JSESSIONID: xxxxxxxxxxxxx www.mydomain.com / > > and > > JSESSIONID: yyyyyyyyyyyy www.mydomain.com /app/myapplication/ You might want to instrument your web application to find our why you are getting JSESSIONIDs with different paths. Do you have a ROOT webapp that can generate sessions? Perhaps you have JSPs in your ROOT webapp that don't have session="false" in its header? > Cheking request to my Tomcat server, I see > > POST /app/myaplication/action/play.do > > Cookie: DWRSESSIONID=F71Wlww0mrwuExOQoE3aLslewQj; > JSESSIONID=xxxxxxxxxxxxxxxxxxxxx; > JSESSIONID=yyyyyyyyyyyyyyyyyyyyyyyyyy; That's interesting. I would recommend a servlet filter that captures addCookie and friends to see where that "extra" one is being added. > How does Tomcat server handle this situation ? I'm talking about > session managing Does it read the first JSESSIONID ? Does it read > every JSESSIONID ? Can this cause problems ? Tomcat will read session ids until it finds one that is valid: having multiple JSESSIONID cookies is not a problem unless *both* are valid for some reason. In that case, I suspect you'll get the first (that is, the one that occurs first in the HTTP request) JSESSIONID and the other one will essentially be ignored. > I know I can rename JSESSIONID when it's serve by my Tomcat > server, but I want to be sure that I need to do that You probably don't need to do that. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlEvitoACgkQ9CaO5/Lv0PDBGACfby+4zBL7VYhC8vgLu3VE93ZJ wG8AmgL2DerJA9o+BL8t7aV9rgZGl4fH =qVg7 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
