Session Fixation in EAP 6.4.9

Need to know how to prevent a Session Fixation attack in EAP 6.4.9
The jsession id doesn't change after the login,
Tried the below solutions but it doesn't work,
https://bugzilla.redhat.com/show_bug.cgi?id=1189465
https://access.redhat.com/solutions/227923

Started 2020-04-07T05:25:34+00:00 by

Production Support

Community Member 22 points

Responses

Here are the common uses of Markdown.

Code blocks

~~~
Code surrounded in tildes is easier to read
~~~

Links/URLs

[Red Hat Customer Portal](https://access.redhat.com)