6 Replies Latest reply on Jan 5, 2017 4:05 AM by Gareth Patterson

    New session created on each request with session cookie

    Gareth Patterson Newbie

      I am migrating an application from JBoss EAP 6.4 to JBoss EAP 7.0 but have run in to an issue where JBoss seems to be creating a new session on each new request when using session cookie to track the session.

       

      The application has several war files in the ear file. On JBoss 6.4 the application shared session across each war file using a session cookie by including jboss-web.xml in the WEB-INF folder of each war file as below:

       

      <jboss-web>

         <session-config>

            <cookie-config>

               <path>/</path>

               <http-only>true</http-only>

               <secure>false</secure>

             </cookie-config>

         </session-config>

      </jboss-web>

       

      On JBoss 7.0, with this configuration, when I make an initial request I can see the session cookie is created as expected. But on each subsequent request a new session is created. It works as expected when the jsessionid parameter is included in the url.

       

      I have tried using a jboss-all.xml file as documented here Web (Undertow) Reference Guide - WildFly 10 - Project Documentation Editor but still had the same problem.

       

      I've also tried moving the session cookie config directly into the web.xml rather than in jboss-web or jobss-all but that didn't help either.

       

      Any suggestions on what the problem could be? Thanks.