You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Konstantina Stamopoulou <st...@intracom.gr> on 2004/10/05 11:08:25 UTC
Loosing session while redirecting
Hello evelyone,
I'm facing the following problem. I try to switch from http to https using
<forward> tags in the struts-config.xml
<forward name="standard" redirect="true"
path="http://pc:8989/cdn-data-new/tvmode.jsp"/>
<forward name="secure" redirect="true"
path="https://pc:8989/cdn-data-new/tvmode.jsp"/>
In the Action class I use : return mapping.findForward("standard");
Everything works fine up to here. When the redirection has been completed I
have lost the session.
At first I thought that switching form http to https and vice versa causes
the problem, but I noticed that the same thing happens when I use the same
protocol, http and use redirect.
It is a critical problem for my project and I would appriciated if you could
help me.
Thank you in advance
Konstantina
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Loosing session while redirecting
Posted by Dmitrii CRETU <dc...@fromru.com>.
Perhaps the JSESSIONID cookie is lost when you switch from ip-address
to host-name or vice versa
This happens because cookie is assosiated with the host (and path), so
if you redirect IP request to HOSTNAME path the cookie is not
attached to this request (it is supposed to belong to IP-based "domain")
The solution is to use only one of IP or HOSTNAME in your application.
Oher solution may be not using cookie for JSESSIONID storage but using
URL rewriting fot this. Though I'm not sure if this works as I did not
test it so I would appriciate if you tell us your final solution.
HTH,
Dima.
KS> Hello Erik,
KS> I have noticed that I'm loosing session not only when I switch from http to
KS> https but when I switch from ip-address to pc-name.e.g the first request is
KS> with
KS> http://123.33.44.24:8080/myapp and the second is http://pc24:8080/mypapp. I
KS> beleive that the change of the protocol used is considered as a request to
KS> another application and this causes the creation of new session.
KS> Thank you for your answer.
KS> -----Original Message-----
KS> From: Erik Weber [mailto:erikweber@mindspring.com]
KS> Sent: Tuesday, October 05, 2004 4:51 PM
KS> To: Struts Users Mailing List
KS> Subject: Re: Loosing session while redirecting
KS> I don't know any reason why a redirect should be the cause of session
KS> "breaking", though I admit I haven't used a redirect from HTTP to HTTPS
KS> in the middle of a user's workflow (only at the very beginning -- by
KS> using the CONFIDENTIAL transport-guarantee in web.xml).
KS> Is your test browser accepting cookies? Or, are your links generated in
KS> such a way (either with Struts tags, or by using response.encodeURL
KS> directly) that a session can be tracked without cookies?
KS> Erik
KS> Konstantina Stamopoulou wrote:
>>Hello evelyone,
>>I'm facing the following problem. I try to switch from http to https using
>><forward> tags in the struts-config.xml
>>
>> <forward name="standard" redirect="true"
>>path="http://pc:8989/cdn-data-new/tvmode.jsp"/>
>> <forward name="secure" redirect="true"
>>path="https://pc:8989/cdn-data-new/tvmode.jsp"/>
>>
>>In the Action class I use : return mapping.findForward("standard");
>>Everything works fine up to here. When the redirection has been completed I
>>have lost the session.
>>At first I thought that switching form http to https and vice versa causes
>>the problem, but I noticed that the same thing happens when I use the same
>>protocol, http and use redirect.
>>It is a critical problem for my project and I would appriciated if you
KS> could
>>help me.
>>
>>Thank you in advance
>>Konstantina
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>>For additional commands, e-mail: user-help@struts.apache.org
>>
>>
>>
>>
KS> ---------------------------------------------------------------------
KS> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
KS> For additional commands, e-mail: user-help@struts.apache.org
KS> ---------------------------------------------------------------------
KS> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
KS> For additional commands, e-mail: user-help@struts.apache.org
--
Best regards,
Dmitrii mailto:dcretu@fromru.com
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
RE: Loosing session while redirecting
Posted by Konstantina Stamopoulou <st...@intracom.gr>.
Hello Erik,
I have noticed that I'm loosing session not only when I switch from http to
https but when I switch from ip-address to pc-name.e.g the first request is
with
http://123.33.44.24:8080/myapp and the second is http://pc24:8080/mypapp. I
beleive that the change of the protocol used is considered as a request to
another application and this causes the creation of new session.
Thank you for your answer.
-----Original Message-----
From: Erik Weber [mailto:erikweber@mindspring.com]
Sent: Tuesday, October 05, 2004 4:51 PM
To: Struts Users Mailing List
Subject: Re: Loosing session while redirecting
I don't know any reason why a redirect should be the cause of session
"breaking", though I admit I haven't used a redirect from HTTP to HTTPS
in the middle of a user's workflow (only at the very beginning -- by
using the CONFIDENTIAL transport-guarantee in web.xml).
Is your test browser accepting cookies? Or, are your links generated in
such a way (either with Struts tags, or by using response.encodeURL
directly) that a session can be tracked without cookies?
Erik
Konstantina Stamopoulou wrote:
>Hello evelyone,
>I'm facing the following problem. I try to switch from http to https using
><forward> tags in the struts-config.xml
>
> <forward name="standard" redirect="true"
>path="http://pc:8989/cdn-data-new/tvmode.jsp"/>
> <forward name="secure" redirect="true"
>path="https://pc:8989/cdn-data-new/tvmode.jsp"/>
>
>In the Action class I use : return mapping.findForward("standard");
>Everything works fine up to here. When the redirection has been completed I
>have lost the session.
>At first I thought that switching form http to https and vice versa causes
>the problem, but I noticed that the same thing happens when I use the same
>protocol, http and use redirect.
>It is a critical problem for my project and I would appriciated if you
could
>help me.
>
>Thank you in advance
>Konstantina
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>For additional commands, e-mail: user-help@struts.apache.org
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Loosing session while redirecting
Posted by Erik Weber <er...@mindspring.com>.
I don't know any reason why a redirect should be the cause of session
"breaking", though I admit I haven't used a redirect from HTTP to HTTPS
in the middle of a user's workflow (only at the very beginning -- by
using the CONFIDENTIAL transport-guarantee in web.xml).
Is your test browser accepting cookies? Or, are your links generated in
such a way (either with Struts tags, or by using response.encodeURL
directly) that a session can be tracked without cookies?
Erik
Konstantina Stamopoulou wrote:
>Hello evelyone,
>I'm facing the following problem. I try to switch from http to https using
><forward> tags in the struts-config.xml
>
> <forward name="standard" redirect="true"
>path="http://pc:8989/cdn-data-new/tvmode.jsp"/>
> <forward name="secure" redirect="true"
>path="https://pc:8989/cdn-data-new/tvmode.jsp"/>
>
>In the Action class I use : return mapping.findForward("standard");
>Everything works fine up to here. When the redirection has been completed I
>have lost the session.
>At first I thought that switching form http to https and vice versa causes
>the problem, but I noticed that the same thing happens when I use the same
>protocol, http and use redirect.
>It is a critical problem for my project and I would appriciated if you could
>help me.
>
>Thank you in advance
>Konstantina
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>For additional commands, e-mail: user-help@struts.apache.org
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org