Hi Jan,
thanks for answer, it is exactly as you wrote.
I have found that I can force JSESSIONIDVERSION to be always unsecure (in sun-web.xml) and this solves my problem, however isn't it strange behaviour?
I mean, if JSESSIONID is marked properly why JSESSIONIDVERSION is not?
My scenario is quite popular, home page, login using secure connection and go back to home page or other pages which can be unsecure. With, I guess, standard behaviour of JSESSIONIDVERSION it will always fail.
Nevertheless, thanks for your help.
Regards,
Adam
[Message sent by forum member 'adeboinfo' (adeboinfo)]
http://forums.java.net/jive/thread.jspa?messageID=334060