You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Brigger Patrick <Pa...@GETABSTRACT.com> on 2001/07/24 14:58:23 UTC

keeping sessions when switching from http to https

Hi,

Without cookies, I loose my session object when switching from http to https
using encodeUrl. Can anyone help? 
Otherwise, it makes Tomcat really useless in real life applications, where
it is absolutely necessary to support customers that have cookies disabled.

Thanks,

Pat

Re: keeping sessions when switching from http to https

Posted by Wyn Easton <wy...@yahoo.com>.

What if you don't create the session until you switch
to https?

A session is pinned to a domain. The domain includes
the scheme (http or https) so when you switch from
http to https you will loose your session. Also the
port number will change, which changes the domain.

--- Brigger Patrick <Pa...@GETABSTRACT.com>
wrote:
> Hi,
> 
> Without cookies, I loose my session object when
> switching from http to https
> using encodeUrl. Can anyone help? 
> Otherwise, it makes Tomcat really useless in real
> life applications, where
> it is absolutely necessary to support customers that
> have cookies disabled.
> 
> Thanks,
> 
> Pat

__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/