R
rsankar
Guest
A sessionid should be used to identify the logged in user. Is client-principal created outside PASOE? If yes, how is it passed in every request? How are you wiring the JSESSIONID and client-principal ? anonymous login model implies there is no authentication required to access the service. So it doesn't care who is calling the request & hence doesn't have session id.
Continue reading...
Continue reading...