I am using JSF as a development framework for my web application. I am using Tomcat 5.0 as my web server.
I have following code in unauthrized.jsf page
<%@ taglib uri="http://java.sun.com/jsf/core
" prefix="f" %>
<%@ taglib uri="http://java.sun.com/jsf/html
" prefix="h" %>
<TITLE> QJet - UnAuthorized Page </TITLE>
<h:outputText id="organization-error" value="You are not Authorized to access the this Application. Please contact the" />
<h:outputText value="Aviation Team" />
<h:outputText value=" if you have any questions." />
As per my programming logi, when unauthorised person tries to access my application then he gets redirected to this page. If user clicks on this "Acitation Team" link, new mail opens with proper "firstname.lastname@example.org" address in "To: " textbox.
If user closes this new mail and copy the url from browser of this unauthorized.jsf page and closes the browser. Now if user opens a new browser and pests the url of unauthorized.jsp page, he is still see this message of "Avitation Team", but this time if he clicks on this "Avitation Team" link the new mail opens with weired emailid in "To :" box is "email@example.com ;jsessionid=12346fdf32323s
I can't undestand that why this address get changed and adds jessionid? Does the tomcat server maintains this session for previously logged in user? Is it a part of JSF framework?
Anybody has any suggestion then please let me know.
Thanks in advance!