After HttpSession.invalidate() is called I expect the next getSession call should return a new session with a different session id. However, it returns the same sessionid ???

Luigi Viggiano

I believe that the new session will be generated on next request by the client, not immediately after the invalidate.

0 Comments  (click to add your comment)
Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.