[jboss-user] (no subject)

Hi, I’m facing some problems with the JBOSS 7. My web application use JAAS with a custom login module and my context demands an HTTPS connection. I’m trying to prevent session fixation on that server but I didn’t found any document talking about the version 7.x.x. I would like to invalidate and regenerate the Session when a user succeed on the login process. Is it possible? Regards, Endrigo Antonini http://www.endrigoantonini.com.br/ http://br.linkedin.com/in/endrigoantonini http://www.twitter.com/antonini