How do I configure session cookie recycling in JBoss and Tomcat?

Solution Verified - Updated -

Issue

  • When a session cookie is sent with a request, and the session does not exist on the server, the server can do one of two things:
    • create a session using the session id that was passed in the request (recycle)
    • create a session with a totally new session id (do not recycle)
  • Certain  use cases may require session cookies either be recycled or not. For  example, single sign-on solutions and portal applications typically require session cookie recycling so that information across contexts and  sessions can be related.

Environment

  • JBoss Enterprise Application Platform (EAP)
    • 4.x
    • 5.x
    • 6.x
  • JBoss Enterprise Web Server (EWS)
    • 1.x
  • You are accessing JBoss through the HTTP or AJP Connector.
  • You have your browser set to accept session cookies.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content