Marcin Cieslak committed on 14 Aug 17
LDEV-4400 Disable session ID change on demand

WildFly 10 changes session ID after log in by default. It prevents session fixation attacks. TestHarness cannot process it correctly. When calling /j_security_check it gets session ID in SET-COOKIE header different to what Undertow generates. Browsers seem to have no problem with it, but TestHarness fails to set correct session ID. That is why session ID change needs to be disabled when running TH.
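
A simplified model of the behaviour the commit message describes, added here as an example and not taken from the project's code: a server rotates the session ID at /j_security_check, and a client stays logged in only if it adopts the ID from the login response. The `ToyServer` and `Client` classes, the `JSESSIONID` cookie name, the `/login` and `/home` paths and the user `alice` are assumptions constructed for illustration.

```python
import secrets
from http.cookies import SimpleCookie

class ToyServer:
    """Constructed stand-in for a container that rotates the session ID on login."""
    def __init__(self):
        self.sessions = {}  # session ID -> authenticated user, or None

    def handle(self, path, cookie_header=""):
        jar = SimpleCookie(cookie_header)
        sid = jar["JSESSIONID"].value if "JSESSIONID" in jar else None
        headers = {}
        if sid not in self.sessions:
            # Unknown or missing ID: start a fresh anonymous session
            sid = secrets.token_hex(16)
            self.sessions[sid] = None
            headers["Set-Cookie"] = f"JSESSIONID={sid}; Path=/; HttpOnly"
        if path == "/j_security_check":
            # Rotate: retire the pre-login ID so a fixed ID is never authenticated
            del self.sessions[sid]
            sid = secrets.token_hex(16)
            self.sessions[sid] = "alice"
            headers["Set-Cookie"] = f"JSESSIONID={sid}; Path=/; HttpOnly"
        # Only /home requires an authenticated session
        status = 200 if path != "/home" or self.sessions[sid] else 403
        return status, headers

class Client:
    """follow_rotation=False models a harness that keeps its first session ID."""
    def __init__(self, server, follow_rotation):
        self.server, self.follow_rotation, self.sid = server, follow_rotation, None

    def request(self, path):
        cookie = f"JSESSIONID={self.sid}" if self.sid else ""
        status, headers = self.server.handle(path, cookie)
        if "Set-Cookie" in headers and (self.sid is None or self.follow_rotation):
            self.sid = SimpleCookie(headers["Set-Cookie"])["JSESSIONID"].value
        return status

def run(follow_rotation):
    """Return (status of /home after login, whether the client's ID changed)."""
    client = Client(ToyServer(), follow_rotation)
    client.request("/login")
    pre_login_sid = client.sid
    client.request("/j_security_check")
    return client.request("/home"), client.sid != pre_login_sid
```

A client that takes the cookie from the login response keeps working with rotation enabled, which is the alternative to turning the protection off for test runs.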