When is a JSESSIONID created for a user accessing a servlet-based web application?
A JSESSIONID cookie is generated and sent to the client when a session is created. This occurs in the following scenarios:
Sessions in servlet-based applications are isolated at the context (or web application) level. As per the Servlet 2.4 specification:
"HttpSession objects must be scoped at the application (or servlet context) level. The underlying mechanism, such as the cookie used to establish the session, can be the same for different contexts, but the object referenced, including the attributes in that object, must never be shared between contexts by the container."
Therefore, if you have multiple web applications deployed on a single Tomcat app server, a distinct JSESSIONID will be generated for each application context.
The above is the detailed content of When is a JSESSIONID Cookie Created in a Servlet-Based Web Application?. For more information, please follow other related articles on the PHP Chinese website!