Hi, I am using form login and I'd like to send my username/password via https to the server. That can be easily accomplished by setting up the https connection on port 8443 on tomcat. The problem is after logging in, I'd like to switch back to http with the user "login state" preserved from the https session. But alas, switching from https to http wipes out session info on Netscape (4.7). When my post login jsp pages reference the previously set session login object via http, null is returned. However, if I stay in https, everything is fine. I know bea weblogic has a solution where the server can be set to inhibit the server port number from being included in the cookie sent back to Netscape. This way only the domain name is sent. But I can't find that a similar setting in Tomcat. Any advice on this would be greatly appreciated. Thanks Ben Wong
