You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by to...@meinsenf.at on 2001/11/07 20:05:57 UTC

Re : AW: encodeURL + SSL

>Even stronger:
>that's what the servlet spec's way to encode the sessionid.

that's right!

but what about my problem? ;-)

... using tomcat 3.2.3 
 
what I want to do: 
 
request goes to "http://localhost:8080/login" 
getSession() 
if session.isNew() -> redirect to: encodeURL("/login") 
 
this works fine with http! 
 
BUT if I'm using https the encodeURL("/login") always returns "/login" without the sessionid - so the redirect does NOT WORK! 
 
--- 
 
If I request "http://localhost:8080/login" it is redirected to http://localhost:8080/login;jsessionid=ix1ayzun31 
change this URL manually to: 
https://localhost:8443/login;jsessionid=ix1ayzun31 
returns the correct page - but all links that should be encoded do not contain the sessionid!!! 
 
what am I missing? 
 
thanks 
michi