some performance drawbacks....or am i wrong? =)
Adrian Janssen wrote:
as i undersand it this is what is suppused to happen i.e. sessions are NOT shared across http / https boundaries. I assume for security reasons.Why do you not just continue in https after login?-----Original Message----- From: randie ursal [SMTP:[EMAIL PROTECTED]] Sent: 21 August 2002 08:23 To: [EMAIL PROTECTED] Subject: about SSL on servlet hi, has anyone use SSL support for accessing your Servlet? because i have a question about session tracking on using both http and https to access my web applicaiton. here is the scenario, i make use of "https" (ex. "https://duncan:8443/test/LogIn.html") for user login then i shift to "http" protocol for ordinary query by specifying the complete URL for the servlet (ex. "http://duncan:8080/test/testServlet") to be called on the HTML form. what happen is that when i shift to "http" a new session has been created, is this really the behavior?...is there a way for me to keep only one session for both "http" and "https" request? thanks randie __________________________________________________________________________ _ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html-- It is the strict policy of Truworths that its e-mail facility and all e-mail communications emanating therefrom, should be utilised for business purposes only and should conform to high professional and business standards. Truworths has stipulated certain regulations in terms whereof strict guidelines relating to the use and content of e-mail communications are laid down. The use of the Truworths e-mail facility is not permitted for the distribution of chain letters or offensive mail of any nature whatsoever. Truworths hereby distances itself from and accepts no liability in respect of the unauthorised use of its e-mail facility or the sending of e-mail communications for other than strictly business purposes. Truworths furthermore disclaims liability for any unauthorised instruction for which permission was not granted. Truworths Limited accepts no liability for any consequences arising from or as a result of reliance on this message unless it is in respect of bona fide Truworths business for which proper authorisation has been granted. Any recipient of an unacceptable communication, a chain letter or offensive material of any nature is requested to notify the Truworths e-mail administrator ([EMAIL PROTECTED]) immediately in order that appropriate action can be taken against the individual concerned. ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
-- Randie V. Ursal Design Engineering Department NEC Telecom Software Philippines, Inc. office : +63(032) 233-9142 (loc.3119) mobile : +63(0917) 467-8244 email : [EMAIL PROTECTED]
