Jose Francisco Junior wrote:
>Please,
>
>Does anybody know anything about the problem below !!!
>
>I can't share an session object that was instatiated on a
> SSL connection with a NON SSL connection.
>
>I am trying to authenticate users using a SSL connection
> and after the authentication I forward the request to an
> Non-SSL connection but the session object is invalidated.
>
>How can I solve this problem ?
>
The only solution I recommend is to use SSL for all connections (or not
use at all). The ID associated with the SSL session will certainly not
the same as the one created without SSL (how is the Principal (user,
password) get passed. If it was, how can you differenciate an
authenticated user?
-- Jeanfrancois
>
>Thanks in advance,
>Junior
>________________________________________________
>Don't E-Mail, ZipMail! http://www.zipmail.com/
>
>--
>To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
>For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
>
>
>
--
Jean-Francois Arcand
Java and XML Software, Sun Microsystems
450.224.475
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
