Platform: JBoss 3.0.6/Jetty and JBoss 3.2.1/Jetty / IE6.0 / Windows XP
I've got an application with programmatic security, which deploys and runs perfectly on Orion, however when running it on JBoss a new session is being created upon every request as demonstrated in the logging output below:
17:44:43,767 DEBUG [LoginFilter] session ID : pdfdSUucUUoM9sjx+35Egg**
17:44:43,767 DEBUG [LoginFilter] session CT10533626837
17:44:44,595 DEBUG [LoginFilter] session ID : +6834nKAuG6Zo89vz+UEDw**
17:44:44,595 DEBUG [LoginFilter] session CT1053362684595
Can anyone give me some pointers as to why this might be happening? I've got a single JBoss instance running so I assume it's not a clustering issue, and the page requested above was on a non constrained path (even after a successful login going to a constrained path a new session is being created for every request, which causes all sorts of fun with them having to login again upon the next request). Is this a cookie issue perhaps?
Any help or ideas would be greatly appreciated,
JBoss 3.2.1/Jetty retained the session if I commented out in my web.xml.