-----Original Message-----
From: David Cassidy (Programmer) [mailto:[EMAIL PROTECTED]]
Sent: Dienstag, 24. Juli 2001 18:22
To: [EMAIL PROTECTED]
Subject: Re: keeping sessions when switching from http to httpsThis is rubbish.
I'm using tomcat and switching between secure and non secure sites and
the session is following no probs. (i'm using cookies though)Is your context the same on the secure and insecure ones ?
Can you provide an example of the link that you are using to go
between the insecure one and the secure one.
( and the link that it produces :) )
Thanks
David
Brigger Patrick wrote:
>
> This is for use in an e-commerece application. The customer puts items
> in
> his shopping basket. When he decides to purchase, the login and credit
> card
> input pages are under https. Therefore, I need to establish a session
> under
> http and carry it over to https!
>
> This works perfectly fine using JServ (real life example:
> www.getabstract.com). I am surprised to find out that I should be the
> first
> one who needs this using Tomcat!(?). Any real-life e-shop application
> will
> face this requirement. Has really nobody done this before?
>
> Thanks for the answer, anyway.
>
> Pat
>
> -----Original Message-----
> From: Wyn Easton [mailto:[EMAIL PROTECTED]]
> Sent: Dienstag, 24. Juli 2001 15:17
> To: [EMAIL PROTECTED]
> Subject: Re: keeping sessions when switching from http to https
>
> What if you don't create the session until you switch
> to https?
>
> A session is pinned to a domain. The domain includes
> the scheme (http or https) so when you switch from
> http to https you will loose your session. Also the
> port number will change, which changes the domain.
>
> --- Brigger Patrick <[EMAIL PROTECTED]>
> wrote:
> > Hi,
> >
> > Without cookies, I loose my session object when
> > switching from http to https
> > using encodeUrl. Can anyone help?
> > Otherwise, it makes Tomcat really useless in real
> > life applications, where
> > it is absolutely necessary to support customers that
> > have cookies disabled.
> >
> > Thanks,
> >
> > Pat
>
> __________________________________________________
> Do You Yahoo!?
> Make international calls for as low as $.04/minute with Yahoo! Messenger
> http://phonecard.yahoo.com/
Title: Re: keeping sessions when switching from http to https
Dear
David,
Yes,
with cookies turned on it alsow works on my end, no problem. However, many
people have cookies turned off, and for any real world application, it MUST also
work when cookies are turned off.
Go to
Netscape, turn cookies off, and then try your own programs again. If you can
still switch from one to the other, bingo, I will pay you something if you tell
me the trick.
(I am
using secure and insecure in same context).
Thanks,
Pat
- keeping sessions when switching from http to ht... Brigger Patrick
- Re: keeping sessions when switching from h... Wyn Easton
- RE: keeping sessions when switching from h... Brigger Patrick
- RE: keeping sessions when switching from h... Li Liang
- Re: keeping sessions when switching from h... David Cassidy (Programmer)
- Re: keeping sessions when switching from h... Mike Spreitzer
- RE: keeping sessions when switching from h... Brigger Patrick
- RE: keeping sessions when switching from h... Brigger Patrick
- RE: keeping sessions when switching from h... William Kaufman
- RE: keeping sessions when switching from h... Li Liang
- RE: keeping sessions when switching from h... Brigger Patrick
- RE: keeping sessions when switching from h... Li Liang
