Quoting "Fullam, Jonathan" <[EMAIL PROTECTED]>: > All, > > The application I am working on is secured with a login that required a > username and password. Once a user is logged in, all pages can be accessed > as long as there is a Subject object in the Session. My problem is that > part of the webapp provided links to pages that open in another window, and > when the link is clicked, it is forwarding to the logon page as if the > Subject object is no longer in the Session. I've determined that this > behavior is only present when the hostname used for the request is not fully > qualified upon the intial logon. >
This is really a question for your servlet container provider, since it's not Struts specific. It's up to the server configuration whether "serverName" and "serverName.mycompany.com" are considered to be the same virtual host or not (which would be a prerequisite to sharing the session). A couple of approaches to consider: * If your webserver considers the two to be different, put a redirect on one so that you always end up on the other. * Construct all your hyperlinks without the "http://host"; part, and just start with a slash followed by the context path. That way, the browser will reconstruct an absolute URL using the server name (qualified or not) that came in on the original request. Craig > For instance. > > User logons on by going to http://serverName/webapp/logon.do > > Then the application provides a link to > http://serverName.mycompany.com/webapp/something.do which open a page in a > new window. > > When the user click the link, a new window is opened but they are forwarded > to the logon page as if they never logged on in the first place. > > How can I have all requests to the original hostname > http://serverName/webapp be redirected to > http://serverName.mycompany.com/webapp ? Is there anybody out there that > has experienced this or knows of a better way to work around this issue? > > Thanks in Advance, > Jonathan > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
