I have an application which runs on tomcat behind apache 2.4.6 configured with mod_session_dbd. I need the session info that gets persisted in the database. I see that apache saves the session info as a cookie in the browser as well. But, when I fire a http request, request.getSession().getId() returns a different session id . Its returning the jsessionid created by the tomcat. I need the cookie 'session' at the server end to do some computation. request.getCookies() isn't helping either.
Any pointers?
How do I get the session id which gets persisted by apache in my requests?
Screenshot
From Apache's documentation:
In a reverse proxy situation where the Apache server acts as a server frontend for a backend origin server, revealing the contents of the session ID cookie to the backend could be a potential privacy violation. When set to on, the session ID cookie will be removed from the incoming HTTP headers.
So, I'd to turn it off to get the session id as a part of the cookie.