I am new to Zimbra and trying to move existing integration from Zimbra 6 to Zimbra 7 (and later to Zimbra 8 once the zimlets and extensions are compiled with new code). I am running into some session issue. Here is what's going on:

The code authenticates the user. It then creates a new cookie/token:

String authToken = zAuth.getToken();
Cookie c = new Cookie("ZM_AUTH_TOKEN", authToken);
c.setPath("/");
response.addCookie(c);

Everything is good so far. The token is valid. We use Tomcat 6. I see that Tomcat has correct JSESSIONID with a path "/something".

Next line in the code is:

response.sendRedirect(mailUrl);

On redirect, it does show me the correct the Zimbra mailbox but this last line of code creates new Tomcat JSESSIONID with path "/". So now I have two JSESSIONID's. One with path "/something" and the other with "/".

This was not happening in Zimbra 6 as far as I can tell. (The Zimbra 6 and 7 installations are on different servers so may be some configuration is causing this?). Any one can throw light at why two JSESSIONID's are getting created?

Thanks...