magro
commented
7 years ago In fact msm should delete the cookie via an appropriate Set-Cookie header. It should also delete the session from memcached.
Please activate debug logging (https://github.com/magro/memcached-session-manager/wiki/SetupAndConfiguration#configure-logging) and share the related logs. Request/response http headers are also valuable for the analysis of this issue.
when I logout,the code is request.getSession().invalidate();
but the value of cookie JSESSIONID is not change,when I login again;
how can I invalidate the session in memcache, my code seems to only effect the local JVM