I have a web application running on JBoss 6. SSL works fine on my site, it is behind an ELB on AWS. Everything currently works fine. For a security requirement I want the session to be transferred through the secure channel only so I have added secure="true" on the Connector in server.xml. However, when setting the session to be secure there is a new jsessionid generated for every request. You can use teamviewer and Skype to login to my machine and help me solve this problem. I am looking for someone with experience in this field to consult for any future issues and build a long term relationship.