You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Jain, Vikrant" <Vi...@Safenet-inc.com> on 2009/05/27 06:48:14 UTC
HTTP/HTTPS sessions
Hi,
In my application HttpSession is getting created on a SSL Login page,
subsequently it redirects to HTTP page, but the HTTPS session is lost.
How do I maintain the same HttpSession across the HTTP and HTTPS Urls?
I need to use HTTPS for several Urls, so the problem is not restricted
to Login page.
Thanks!
Vikrant
The information contained in this electronic mail transmission
may be privileged and confidential, and therefore, protected
from disclosure. If you have received this communication in
error, please notify us immediately by replying to this
message and deleting it from your computer without copying
or disclosing it.
Re: HTTP/HTTPS sessions
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Vikrant,
On 5/27/2009 12:48 AM, Jain, Vikrant wrote:
> In my application HttpSession is getting created on a SSL Login page,
> subsequently it redirects to HTTP page, but the HTTPS session is lost.
>
> How do I maintain the same HttpSession across the HTTP and HTTPS Urls?
This question has been answered on this list before several times,
occasionally by me. Check the archives for secure cookies, https, etc.
and see what's already been said. What's important to understand is that
there's no magic "make it work" setting in Tomcat: you have to code
around the problem yourself.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkoe5n0ACgkQ9CaO5/Lv0PB1zACcDVKZzfUqUjmbfVkfPlnXkY4C
6/8AoK+ohxBO/lQUKliI/HJQCp5fba3i
=BRT4
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org