On 14/09/2010 21:54, Christopher Schultz wrote: > I encourage others to test other browsers. This was exhausting. :)
To add to the 'fun', recent Tomcat versions will change the session ID (but not the session object) on authentication to prevent session fixation attacks. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
