On Fri, 23 Mar 2001, Darrell Porter wrote:
>
> ---------------
> | A |
> ---------------
> | | |
> | B | C |
> | | |
> ---------------
>
> I have an application in which within one browser window I wish to display,
> within 3 frames, 3 separate JSPs.
>
> Frames A and B are JSPs sourced from server 1
> Frame C is a JSP sourced from Server 2
>
> When the JSP from Frame C attempt to obtain session information from the JSP
> in Frame B, the JSP in Frame C generates an ACCESS DENIED error.
>
This is a standard security feature in your browser, and doesn't directly
have anything to do with JSPs. The browser sees that the two frames came
from different hosts, so it prevents cross-host access in order to avoid
malicious scripts from one host interfering with the operation of an
application from another host.
> How do I fix this, if it is fixable? Have I provided sufficient
> information?
>
You can check through the config settings for your browser, but I'm not
sure that any of them will allow you to turn this off -- it's pretty
dangerous.
> Darrell Porter
Craig McClanahan
