I have a developer who uses HTTP on a landing page
then switches to HTTPS (SSL) with a small amount of
data from the non-secure page.

My opinion is this is a bad practice for security, but
frying that fish is not for this forum. 

1) does resin 3.0.18 or for that matter any J2EE
container allow for switching sessions?

2) does this cause a new session to be created? 

3) how does resin handle this (if legal according to

4) should I look at java docs for J2EE containers?


Need a quick answer? Get one in minutes from people who know.
Ask your question on www.Answers.yahoo.com

resin-interest mailing list

Reply via email to