Questions tagged [jsessionid]

JSESSIONID is the name of the tracking parameter defined by the Java servlet API.

JSESSIONID is the name of the tracking parameter defined by the Java servlet API. The parameter can either be set as a cookie or as part of the url.
If a request specifies a JSESSIONID, the server will use it if it determines if it is valid. If the JSESSIONID in the request is missing or invalid, the server generates a new unique one.
Sessions can be configured to time out (usually 30 minutes) after which time the session id is no longer valid.

Related tags:

461 questions

votes

1 answer

why is jsessionid cookie allowing user to access member content even though credentials are wrong?

So, I think it is because of the JSESSIONID cookie that is causing the problem, but not too sure, here goes. Basically, users are required to enter a special token when logging in. But somehow users are able to access the private/member pages even…

session-cookies jsessionid

asked Jun 13 '12 at 18:00

iCodeLikeImDrunk

17,085
35
108
169

votes

1 answer

Internet Explorer - Specify JSessionID by setting Session Cookie via Client Java or C# Code

In my code, I have a JSessionID, which I want to share with an IE instance. I am able to launch an instance of IE, however I need to specify the JSessionID to the browser. The application server will be JBoss, WebSphere or WebLogic, so I am looking…

c# java internet-explorer session jsessionid

asked May 23 '12 at 04:01

James Oravec

19,579
27
94
160

votes

1 answer

Setting Tomcat 7 sessionid and value to be identified via Hardware Load Balancing for session affinity

Although easily done from my perspective with IIS, I'm a total noob to Tomcat and have no idea how to set static values for cookie contents. Yes I've read the security implications and eventually will access via SSL so I'm not concerned. Plus I've…

cookies session-cookies tomcat7 setcookie jsessionid

asked May 16 '12 at 08:45

Aaron

votes

1 answer

Is it possible to append/prepend a text string to JSESSIONID?

Looking for application server neutral way of doing this. I would still appreciate all the available options.

java jsessionid

asked Apr 19 '12 at 08:01

Santosh

17,667
4
54
79

-1

votes

1 answer

How can I call a GET endpoint from Postman with JSESSIONID and CSRF protection enabled?

My cookies in the request header look like this: website cookies When I log out or the session expires, I can't make a GET request in Postman, because the values of those two are different each time. I don't know how to generate csrf token and…

cookies csrf web-api-testing jsessionid

asked Jul 11 '22 at 14:33

Vasil

-1

votes

1 answer

GlassFish is creating a new JSESSIONID on every request

I have a simple page backed by a named bean. The page is also using primefaces, but I am not doing anything ajax in that page. The applications is hosted on Glassfish 5.1. @Named("cardsView") @RequestScoped public class CardsViewBean implements…

jsf glassfish jsessionid

asked Apr 09 '20 at 23:19

Leonardo

9,607
17
49
89

-1

votes

1 answer

Scope of session object

1) As mentioned here, HttpSession objects must be scoped at the application (or servlet context) level, where context is, ServletContext context = request.getServletContext(); 2) HttpSession object is created per browser session, in tomcat…

java session servlets jsessionid servlet-container

asked Dec 26 '17 at 05:55

overexchange

15,768
30
152
347

-1

votes

1 answer

How can i keep session alive in another web browser?

I want keep my jsession in chrome alive for another browser, Is that possible? If yes, how can I do it? I think of getting value of jsession and set for the new web browser I m using IE tab for solving applet problem in chrome.

java spring-security jsessionid

asked Jan 18 '16 at 13:39

taha yahia

-1

votes

1 answer

Under what conditions is a JSESSIONID is not created for new sessions?

====== Just searching for any solution. i was wondering why JSESIONID was not created after creating a session? in our application, we are calling request.getSession() on a particular servlet. however, this call didnt set JSESSIONID…

java web-services websphere jsessionid

asked Oct 09 '15 at 06:06

Queen

-2

votes

4 answers

Using regex function to manipulate string in c#

I would like to remove jsessionid=99171C97AE28712E048E321DB6B192F3 from the string below using regex in…

c# regex jsessionid

asked Jun 11 '13 at 17:35

Mobola Oladapo

-15

votes

5 answers

Can i provide SSH credentials to an applet without leaking them to the entire Internet?

I have an applet which is available on the Internet which talks to an internal server via an SSH tunnel. The correct SSH credentials have to be available to the applet. It isn't very convenient to compile them into the applet; providing them as…

java security ssh applet jsessionid

asked Aug 27 '11 at 01:29

user207421

305,947
44
307
483

Prev 1 2 3

…