Hi All, I'm new to the list -- I hope this is not a topic that's been beaten to death - I searched the Archives but could not find the answer to my question.
The problem I'm having on Tomcat 4.1.29 is that the first page a user visits is secure -- the session cookie gets set with the 'secure' flag value set to true. After login, the user gets sent to a non-secure page, the 'secure' cookie does not get sent back to the server, and the user gets a new session which is not logged in. After visiting the non-secure page, the user can go back to the secure page and log in without any problems. Is there a config setting to tell Tomcat never to use secure cookies, or any other solution to fix this problem (other than forcing a non-secure page visit first)? Thanks much, -- Andrew Mottaz Site 9 :: Internet Business Solutions 116 W. Illinois, Ste 6E Chicago, Illinois 60610 312.670.8469 www.site9.net --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]