Are you encoding the cross-protocol links (with
HttpServletResponse.encode[Redirect]URL())?
The only reason I ask is that it seems strange that it does OK with cookies
but not with URL encoding: the code paths are similar, so I'd expect it to
fail with both or succeed with both.
-- Bill K.
> -----Original Message-----
> From: Brigger Patrick [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, July 24, 2001 11:05 PM
> To: '[EMAIL PROTECTED]'
> Subject: RE: keeping sessions when switching from http to https
>
>
> When I try with cookies enabled, it works both on Netscape and IE 5.
>
> Cookies disabled does not work on either.
>
> Pat
>
> -----Original Message-----
> From: Mike Spreitzer [mailto:[EMAIL PROTECTED]]
> Sent: Dienstag, 24. Juli 2001 19:13
> To: [EMAIL PROTECTED]
> Subject: Re: keeping sessions when switching from http to https
>
>
> Be careful when you experiment and report on this. I have
> found that IE 5
> carries cookies from http to https but Netscape 4 does not.
> I have only
> tested this with cookies, not URL-rewriting. I'm grumped by
> this problem,
> but it's not critcal for me yet --- for my current site, I
> think I can get
> away with only having sessions on the https side.
>
> Mike
>
