Only the JSESSIONID cookie set from the first login request is not sent in subsequent requests?

Question

Only the JSESSIONID cookie set from the first login request is not sent in subsequent requests?

I can not understand what is happening. On one of env. of my webapp (written using ExtJS 4.0) - I see that the login request completed successfully, but the subsequent request failed with error 401.

When in the browser (F12) I found a little more that the first request response header has a JSESSIONID that is set as a cookie, but the second request does not send it to the request headers. Therefore, the second query creates a new session and returns a new JSESSIONID.

In the client code where the request is sent,
Ext.Ajax.request({url:'', callback..}) - there is no explicit JSessionId setting or any cookie.

The strange part does not contain all the cookie keys, only JSESSIONID, which means that cookies are not disabled and set by the browser.

Why does the browser not send JSESSIONID? I tried this in firefox / chrome.

Also this only happens in my local env., QA env. webapp is working fine.

+6

google-chrome cookies session-cookies session jsessionid

akjain May 15, '15 at 7:00

source share

2 answers

akjain · Answer 1 · 2015-05-19T11:15:29+0000

I figured it out myself .. it was a problem http://tomcat.apache.org/migration-7.html#Session_cookie_configuration

Thanks to all the people who spent time reading my question.

Kshitiz sharma · Answer 2 · 2016-12-22T16:32:24+0000

The answer given by akjain is correct. However, if someone needs a piece of code, here it is (added to web.xml ):

 <session-config> <cookie-config> <http-only>false</http-only> <secure>false</secure> </cookie-config> </session-config>

Only the JSESSIONID cookie set from the first login request is not sent in subsequent requests?

More articles: