Skip to navigation

How do I configure session cookie recycling in JBoss and Tomcat?

Updated 2013-10-30T02:04:14+00:00

Issue

  • When a session cookie is sent with a request, and the session does not exist on the server, the server can do one of two things:
    • create a session using the session id that was passed in the request (recycle)
    • create a session with a totally new session id (do not recycle)
  • Certain  use cases may require session cookies either be recycled or not. For  example, single sign-on solutions and portal applications typically require session cookie recycling so that information across contexts and  sessions can be related.

Environment

  • JBoss Enterprise Application Platform (EAP)
    • 4.x
    • 5.x
    • 6.x
  • JBoss Enterprise Web Server (EWS)
    • 1.x
  • You are accessing JBoss through the HTTP or AJP Connector.
  • You have your browser set to accept session cookies.

Subscriber content preview. For full access to the Red Hat Knowledgebase, please log in.

Not a subscriber? Learn more about the benefits of Red Hat Subscriptions.