Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Sometimes Spring Security appends a jsessionid to the end of my URL. Wouldn’t bother me so much if it happened all the time or never, but it seems almost random. I’m wondering why this is happening and if it has anything to do with remember me not working correctly with LDAP?
http://localhost:8080/myapplication/login/auth;jsessionid=A07D52CB78DB999947F3EED1917D60F6
JSESSIONID is created by tomcat (or other web container, see docs), it’s not from Spring Security. JSESSIONID is the unique id of the http session, used at situation when application uses session (put/read some data from sesson during request), but there’re no session cookie exists. At this case server trying both ways: setup cookie and append parameter to all links.
Mostly it’s because:
And during such request session was used on server side (and was created new session).
PS I’m not sure that it can be related to LDAP auth issue