Question

1
Replies
396
Views
Close popover
Munisekhar Katta (MuniKatta)
computershare

computershare
US
MuniKatta Member since 2017 14 posts
computershare
Posted: June 7, 2018
Last activity: June 11, 2018
Closed

want to Change JsessionID after login

We have a security finding where we need to Invalidate all existing session tokens on any change of authentication state. Is there any way we can achieve this?

We Identified that session cookies are not being updated when the user transitions between different levels of authentication.

We are using Tomcat server 7.0.64

Low-Code App Development DevOps Testing Applications System Administration Installation and Deployment
Moderation Team has archived post