Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Could someone tell me what should happen if a client initiates a request to a servlet container with a made up (valid) JSESSIONID ? supposing the servlet doesn’t have this jsessionid in its records (we’re not hijacking a session, just making one up), will the servlet accept this session and use it for all subsequent calls or will it disregard it, make up its own jsessionid and return it to the client?
If a
HttpSessioncannot be found based on given JSESSIONID, it will just be ignored. A new one will be created whenever demanded by the code and a new JSESSIONID cookie with a new ID will be set.