I increased the default Session id length to 128:-
1. When the user clicks the link it shows the HTTP 400 error and URL shows
This happens first two times when we try to login and third time we are able to login to application.
2. When the user logs into application and goes to Administration link and clicks the Scheduler History link.
Then searches for any of the Job and runs it, he is getting kicked out of the application.
• When ever we hit the application(login page), I found in the view source of the page that "jessionid" is created and sent in the JSP.
• The same jsessionid appears on the URL along with the HTTP 400 error when we enter username and password and try to login.
• This scenario repeats for 2 times. And for the 3rd time, the session is not appearing on the JSP(View source) and hence the HTTP 400 is not occurring.
• And the URL doesn't have the jsessionid as well