The answer is NO. As you already indicated, EAP 6 is following the servlet 3 specification. As a result, the session configuration, including the session cookie path, exists in the application's web.xml
Thank you. So what I am seeing is that a new JSESSIONID is being created for each path rather than a single one for just the root "/". This actually happens with Tomcat too if "sessionCookiePath" is removed from the context.xml.
Is this expected behavior? I was expecting to get a single JSESSIONID for the root "/" only which is what sessionCookiePath forces.