I am trying to disable the use of cookies for session tracking. I have tried with both JSF and with a simple JSP page. I am using JBoss 4.2.1.
I have tried changing the file
.../server/default/deploy/jboss-web-deployer/context.xml as follows:
<Context cookies="false" crossContext="false">
...
</Context>
I have tried copying the above context.xml into my web app's WEB-INF directory. None of these work. The only way I can get the server to stop using a session cookie is to disable cookies on the browser.
I need to disable cookies because I must support multiple browsers/tabs on the same client PC. With cookies, there is no way to distinguish the two client-side sessions because they will both use the same session tracking cookie.
I know I have done this before with Tomcat, but I'm missing something obvious here for JBoss. I'd appreciate any help.
Here is a simple JSP page I have used for testing. When I turn cookies off on the browser, the session id shows up in the URL as expected.
<html>
<%
Integer counter = (Integer) session.getAttribute("counter");
if (counter == null) {
counter = new Integer(0);
}
counter = new Integer(counter.intValue() + 1);
session.setAttribute("counter", counter);
%>
Counter = <%= counter %>
<br/>
<a href=<%= response.encodeURL("test.jsp") %>>Click Me</a>
</html>
Rob Conaway