MCRServlet3LoginServlet defines a new session cookie each time a website is loaded

Description

Replication:
minimal mir LTS 2015.05 installation in Tomcat 8.0.28 Container (H2,solr as preconfigured),
.mycore/mir/realm.xml contains the <realm id="servlet3>...</realm> as provided,
apache-tomcat/conf/server.xml contains the following realm definition:
<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldaps://ldap.nds.uni-hamburg.de:636"
userBase="o=uni-hamburg"
userSubtree="true"
userSearch="(&amp;(objectClass=user)(cn={0})(groupMembership=cn=gwiss_mit,ou=Gruppen,o=UNI-HAMBURG))"
commonRole="submitter">
</Realm>
nothing else is configured/adjusted
After logging in with the respective servlet 3, each time a new site in the mir context is called a new SessionID is defined. Logging in with the "local" Servlet the Session ID stays the same over the entire session.

Environment

Ubuntu Linux 14.04
Firefox 42
Java JDK 1.8.0_20
Tomcat 8.0.28
occurs probably independent of plattform and browser

Activity

Show:
Thomas Scheffler
November 23, 2015, 2:52 PM

added log messages to debug http session handling

Thomas Scheffler
November 25, 2015, 9:57 AM

added log messages to debug http session handling

Assignee

Thomas Scheffler

Reporter

Hagen Peukert

Labels

None

URL

None

External issue ID

None

Components

Fix versions

Affects versions

Priority

Highest
Configure