I think the most likely scenario where this could be an issue and the proposed solution would help is if some of your site is http, but post-login, it changes to https to deal with more secure/personal information and features.
I wouldn't tie this session swapping to the login process, but rather make it useable wherever the app developer wants, probably when a protocol change is made. Thoughts? Devon View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4050697#4050697 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4050697 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
