This is for use in an e-commerece application. The customer puts items in
his shopping basket. When he decides to purchase, the login and credit card
input pages are under https. Therefore, I need to establish a session under
http and carry it over to https!
This works perfectly fine using JServ (real life example:
www.getabstract.com). I am surprised to find out that I should be the first
one who needs this using Tomcat!(?). Any real-life e-shop application will
face this requirement. Has really nobody done this before?
Thanks for the answer, anyway.
Pat
-----Original Message-----
From: Wyn Easton [mailto:[EMAIL PROTECTED]]
Sent: Dienstag, 24. Juli 2001 15:17
To: [EMAIL PROTECTED]
Subject: Re: keeping sessions when switching from http to https
What if you don't create the session until you switch
to https?
A session is pinned to a domain. The domain includes
the scheme (http or https) so when you switch from
http to https you will loose your session. Also the
port number will change, which changes the domain.
--- Brigger Patrick <[EMAIL PROTECTED]>
wrote:
> Hi,
>
> Without cookies, I loose my session object when
> switching from http to https
> using encodeUrl. Can anyone help?
> Otherwise, it makes Tomcat really useless in real
> life applications, where
> it is absolutely necessary to support customers that
> have cookies disabled.
>
> Thanks,
>
> Pat
__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/
