I have a JSF 2.2 web application on Tomcat 7.0.41. As authentication I use DIGEST with realm. New JSESSIONID is set on every HTTP request and it looks like this:
Set-Cookie JSESSIONID=...; Expires=Mon, 23-Sep-2013 11:35:25 GMT; Path=/domain/; HttpOnly
Its expiration time is (now + 1 hour). I'm googling for any hint, maybe not well. I read some articles about loadbalancer and session replication, but I have only one server tomcat. I think there don't need replication. I use server as state saving method in web.xml
. When I change state saving method to client
and I set cookies="false"
in context.xml
, then it's ok, but very slow. What can be wrong with my web.xml
or Tomcat settings?