Tomcat 7 writing same JSession cookie on browser restart

Question

I have the following configuration in tomcat configuration files :

<session-config>
     <session-timeout>10</session-timeout>
     <cookie-config>
             <domain>myapp.mycompany.com</domain>
             <http-only>true</http-only>
             <secure>false</secure>
     </cookie-config>
     <tracking-mode>COOKIE</tracking-mode>

            <Context path=""
                     docBase="ROOT"
                     sessionCookieName="mycookiename"
                     sessionCookieDomain="myapp.mycompany.com"
                     sessionCookiePath="/"
                     useHttpOnly="true"
                     reloadable="false">
                <WatchedResource>WEB-INF/web.xml</WatchedResource>
            </Context>

As configured above , the cookie is getting set as "session only" in browser ..and on browser quit its getting deleted as expected. But when I am opening the browser again and hitting my application URL again, same JSESSIONID is getting written to the cookie.

Why is it behaving that way ? Isn't it supposed to write a new jsessionid every time ?

score -1 · Answer 1 · answered Mar 08 '14 at 10:04

-1

It finally appears that the issue was that in Mac i have to actually quit the browser, rather than hitting its close button ...

answered Mar 08 '14 at 10:04

Novice User

3,552
6
31
56

Tomcat 7 writing same JSession cookie on browser restart

1 Answers1