Jay
Reputation: 2454
How do I get rid of tomcat default session id?
I am using tomcat 6.0.14, which does not support configuration for cookies.
So I have couple of pages in my app:
app.com/login.jsp<br>
app.com/dasboard.htm
The problem is that when user is at login.jsp, I see JSESSIONID as a cookie. I want to see session cookies only post logon when I am at dashboard - How do I make this happen?
Upvotes: 0
Views: 222
Answers (1)
Tomasz Nurkiewicz
Reputation: 340693
By default every JSP creates new HTTP session (which is not the case for user servlets). Add this on top of your login.jsp to avoid eager session creation:
<%@ page session="false" %>
Upvotes: 1
Related Questions
- How to remove JSESSIONID from cookies?
- Remove JSESSIONID cookie from Spring Application
- JSP still creates jsessionID with session=false
- How delete the JSESSIONID cookie from the browser with HttpOnly flag set
- Tomcat 8 how to remove sessionCookieName from URL
- Tomcat is not changing session id anymore
- Disable jsessionid via http header (cookie) in Tomcat 7
- How to change the session cookie in tomcat?
- why does tomcat create a session cookie for every request?
- Session JSession Id in tomcat 5.5.27