Thanks lwhite. Sure enough, using those configuration properties results in the expected behaviour, with no loss of session data.
<p>
I agree it would be great for the issues involved here to be captured in one place, eg. a good blog entry on the subject (definitely took me a while to home in on the required info via google, and I'm sure I'm not alone).
<p>
Having said that, if I read such a blog, I would immediately have a question. So I'll put it here, if you would be willing to help out my understanding a little further.
<p>
What I understand is that you are warning against the use of 'ajax-type frameworks, Frames, etc.' because they potentially mess up the session versioning (due to some kind of thread safety semantics). Well, I have a hard time accepting this (maybe I don't understand the issue deeply enough). Even if we leave aside how quickly that would break most websites that want to use replicated session state, I can still imagine a simple website that would probably break:
<p>
Imagine a single html page, having just has a long list of <img> tags, each of which refers to a very small image resource (eg. less than a kilobyte). Now, when the browser requests this page, it will immediately start to load the images. My understanding is that most browsers will use up to two concurrent connections to load a page's resources. Since the images load very quickly, then even for this simple web-app, you have the conditions to completely lose your session!
<p>
Thoughts?
Cheers,
Jess.
[Message sent by forum member 'nzjess' (nzjess)]
http://forums.java.net/jive/thread.jspa?messageID=350750