We use Vosao's authentication system and I've been trying to share session cookies between https and http using CORS but browser support is still inconsistent. If you use Java, that's what I've been using: http://software.dzhuvinov.com/cors-filter.html
On Friday, 24 August 2012 17:28:22 UTC+12, Ben Alpert wrote: > > I'm attempting to set up my app so that certain pages can be served over > HTTPS but most are served over HTTP: > > If I log in to my app with a Google account over HTTPS, then the SACSID > cookie gets set which causes App Engine to happily return the proper > account when users.get_current_user() is called. > > Unfortunately, when I return to the HTTP version of my site, App Engine > seems to look for the ACSID cookie instead, which isn't present, so > users.get_current_user() returns nothing. > > Is there a way I can configure App Engine to honor the SACSID cookie over > HTTP or some way to transfer the cookie between the two? (The cookies don't > use the same value; simply copying the cookie appears not to work.) > > Thanks, > > Ben > > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine/-/t2zvGH0B0_oJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
