--- cga <[EMAIL PROTECTED]> wrote:
> I find it strange that it doesn't maintains session
> accross http and https.
> �Are you redirecting?
Netscape (4.7, at least) does not maintain session
between http and https. IE does. This happens with or
without redirect.
What I ended up doing is to ALWAYS encode session id
into the urls when crossing the http/https boundary,
so not depending on the encodeURL or encodeRedirectURL
of response object.
> Gaston
>
>
> ----- Original Message -----
> From: Elijah Roberts <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Saturday, December 09, 2000 4:11 AM
> Subject: Re: how to maintain session between HTTP
> and HTTPS?
>
>
> > On Saturday December 09, 2000 Weigen Liang wrote:
> > > > I'm trying to find a way to maintain session
> between
> > > > HTTP and HTTPS: some pages (html/jsp),
> > > > such as login and credit card info, need to
> > > > transported under HTTPS, but the rest does not
> > > > need to. I prefer not to spending the extra
> > > > cpu circles for unnecessary encryption since
> > > > the servers may be under heavy cpu utilization
> > > > due to generating images for returning to
> user.
> > > >
> > > > Any suggestions?
> >
> > Is a normal JSP session not maintained across HTTP
> and HTTPS. I have
> > never tried it out, but I don't see any reason why
> it shouldn't work.
> > Have you tried it and found it to not work? Your
> email is a little vague.
> >
> > Elijah Roberts
> > [EMAIL PROTECTED]
>
__________________________________________________
Do You Yahoo!?
Yahoo! Shopping - Thousands of Stores. Millions of Products.
http://shopping.yahoo.com/
