Hello everyone,
I've been tracking this for days. I'm using a Tomcat 4.1.29/IE6
setup. I've inherited an application written in a mix of JSP, struts and
servlets (A mess). The application stores a user object in the session when
it logs on. This works fine until it pops a window to talk to a secure
server. When you close this window and return to the main window, the next
jsp creates a new session instead of reusing the one initially create. Hence
it cannot find the user object and assumes they have logged of.
The only solution I've found is to create a JSESSIONID cookie and set the
domain to my domain and path = "/". I would prefer to let Tomcat do the
session tracking so that it can handle browsers with cookies turned of.
Has anyone encountered this problem and can give me a better idea of what is
going on ? At the moment I think that tomcat is creating new sessions if the
JSPs are in different paths. I.e. server.com/a.jsp and
server.com/mydir/b.jsp would have different sessions. At leasts that appears
to be part of the problem.
Any ideas ?
Ciao
D
