So far, so good. The page loads and refreshes every 30 seconds.
Is it required to "enable cookies" in the webcontainer? Then everything works. But then I have the problem that the user needs to shut down his entire browser to be sure that all session data is cleaned after logout. If he does not, some data is still present in the session after a new login (from the browser cookie I guess?)
When I try the same without "enable cookies", my initial session gets lost on page refresh. (and a new one is created on every refresh).
Is there a way to maintain my initial session then?
I already tried: - adding ";jsessionid=<THE_SESSION_ID_OF_THE_INITIAL_REQUEST>" to the refresh_url - getting the jsessionid cookie from the initial request and posting this to the response
I'm going to move this to our Websphere (WAS) forum. I'm not very familiar with WAS but I've heard in passing that it has a proprietary mechanism for keeping sessions alive with cookies that is beyond what is in the servlet spec.
I could be wrong about this and the folks in the WAS forum will know better.