I'm using a standalone container, and I find that everything works
transparently (only one session) if I resort to hard coding the scheme.
Right now, I'm doing this in the Struts-config.
<forward name="standard"
path="http://data.wxxi.org/wxxi-gavel/register/logon.jsp"/>
<forward name="secure"
path="https://data.wxxi.org/wxxi-gavel/register/logon.jsp"/>
which are called with code like this in the action
String url = null;
if (secureMode) {
url = mapping.findForward("secure").getPath();
ActionForward actionForward = new ActionForward(url,true);
return (actionForward);
}
else return (mapping.findForward("standard"));
where I'm tracking "secureMode" as a session attribute.
If they login or register in secure mode, I end the process with a [[
BIG LINK ]] that routes them back to the http scheme.
Messy, but it gets me through the day.
I haven't had time to think about it, but it seems to me that we should
be able to work this into the custom tags. Struts is very good about
automagically converting the links when you switch schemes, so it seems
to me we should be able to force the tags to one scheme or the other,
when appropriate.
Michael Wilimsky wrote:
>
> hello everyone...
>
> i still couldn´t find a solution on how to switch from
>
> let´s say http://localhost:myport/myapp/something.jsp to
> https://localhost:mysecureport/myapp/somethingelsethatneedstobesecure_oreven
> thesamepage.jsp
>
> while retaining resp. cloning the content of my sessioncontext...
>
> i am using the urlrewriting-method to manage my sessions
>
> as far as my experience tells me i get two different sessionIDs for
>
> http://localhost:myport/myapp/something.jsp
> and the corresponding
> https://localhost:mysecureport/myapp/something.jsp
>
> how can i copy the sessioncontext to the secure side and vice versa?
>
> michy
