Since my blog is just popular enough for sploggers to post comments on it, I decided to set up captcha images to thwart them using the scode plugin. I had set up everything, but scode kept saying that the code I entered didn't match the one in the image. I asked for help on the blojsom mailing list, but they were stumped also. Eventually, I looked through the scode source code, and I discovered that it was using the java session, and tomcat was setting the session's cookie's path to /blojsom, which became a problem since I am using apache to rewrite the url.


Of course, after spending a lot of time researching the issue, I am able to search for the right keywords to find someone who has had the exact same problem as I did. Apparently, emptySessionPath=”true” tomcat configuration should fix this, but it only works with version 5.5.4, and I encountered some issues upgrading, so I had to modify the source code for the scode plugin as described in the above link.