Message-
From: Li Liang [mailto:[EMAIL PROTECTED]]
Sent: Mittwoch, 25. Juli 2001 20:09
To: [EMAIL PROTECTED]
Subject: RE: keeping sessions when switching from http to https
I guess that's the way Tomcat parses the session info from request. When
it gets the cookie, everything is fine that it can
Title: Re: keeping sessions when switching from http to https
Dear
David,
Yes,
with cookies turned on it alsow works on my end, no problem. However, many
people have cookies turned off, and for any real world application, it MUST also
work when cookies are turned off.
Go to
Netscape
When I try with cookies enabled, it works both on Netscape and IE 5.
Cookies disabled does not work on either.
Pat
-Original Message-
From: Mike Spreitzer [mailto:[EMAIL PROTECTED]]
Sent: Dienstag, 24. Juli 2001 19:13
To: [EMAIL PROTECTED]
Subject: Re: keeping sessions when switching
.
-- Bill K.
-Original Message-
From: Brigger Patrick [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 24, 2001 11:05 PM
To: '[EMAIL PROTECTED]'
Subject: RE: keeping sessions when switching from http to https
When I try with cookies enabled, it works both
with both or succeed with both.
-- Bill K.
-Original Message-
From: Brigger Patrick [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 24, 2001 11:05 PM
To: '[EMAIL PROTECTED]'
Subject: RE: keeping sessions when switching from http to https
When I
What if you don't create the session until you switch
to https?
A session is pinned to a domain. The domain includes
the scheme (http or https) so when you switch from
http to https you will loose your session. Also the
port number will change, which changes the domain.
--- Brigger Patrick
-
From: Wyn Easton [mailto:[EMAIL PROTECTED]]
Sent: Dienstag, 24. Juli 2001 15:17
To: [EMAIL PROTECTED]
Subject: Re: keeping sessions when switching from http to https
What if you don't create the session until you switch
to https?
A session is pinned to a domain. The domain includes
the scheme (http
Title: Re: keeping sessions when switching from http to https
This is rubbish.
I'm using tomcat and switching between secure and non secure sites and
the session is following no probs. (i'm using cookies though)
Is your context the same on the secure and insecure ones ?
Can you provide
Be careful when you experiment and report on this. I have found that IE 5
carries cookies from http to https but Netscape 4 does not. I have only
tested this with cookies, not URL-rewriting. I'm grumped by this problem,
but it's not critcal for me yet --- for my current site, I think I can