Chris,
I'm afraid I was also a bit guilty of this very recently, but I'll accept
your welcome also. :-)
It's refreshing to see people who still care about user-list communities.
They seem to foster the kind of individuals I enjoy communicating with, but
are sadly dwindling.
Cheers
On Fri, Mar
gt; Joseph,
> >
> > On 3/14/14, 9:49 AM, Joesph Bleau wrote:
> >> I should also mention that after some very simple testing I was
> >> able to confirm that (of course) Tomcat is notifying my application
> >> when the session is invalidated in a valve.
the valve which appeared to work, tomcat didn't provide the same
> ID here.
>
>
> On Fri, Mar 14, 2014 at 8:37 AM, Christopher Schultz <
> ch...@christopherschultz.net> wrote:
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA256
>>
>> Joseph,
the same
ID here.
On Fri, Mar 14, 2014 at 8:37 AM, Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Joseph,
>
> On 3/14/14, 5:59 AM, Joesph Bleau wrote:
> > Right now we're running our applica
Hi all,
Right now we're running our application in Tomcat and using hazelcast to
share information across our multiple instances. In an attempt to prevent
session fixation I implemented a tomcat valve which invalidates sessions
when a user authenticates (or in this case, just visits the authentica
