When we deploy our Spring Boot app to Azure Web App, the JSESSIONID cookie is not created, and it looks like there is no session at all.
This is our Spring Security session config:
private void setSessionManagement(HttpSecurity http) throws Exception {
http.sessionManagement()
.enableSessionUrlRewriting(false)
.sessionFixation()
.migrateSession()
.sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
.invalidSessionStrategy(invalidSessionStrategy);
//.maximumSessions(1)
//.expiredSessionStrategy(expiredSessionStrategy);
}
When we run in locally in Docker/IntelliJ, it is created. Besides this, I have already set the ARR affinity 'On' under the Configuration > General settings, but still no luck.