On Sun, 1 Dec 2002, Raiden wrote: > Hello, > > I have searched the archives, and while I have seen several people ask > this question, there doesn't seem to be an agreed upon answer/solution. > > I am using Tomcat 4.1.12. When cookies are on, I can switch bettween http > and https just fine, while maintaining my session. (I am using the Ajp13 > connector with Apache, and so Apache does all my SSL management.) [ ... ]
Are you sure about this? Because from all past discussion of this that I can recall, it shouldn't work with cookies -- that is, you should not be able to switch from http to https (or vice-versa) and maintain sessions -- whether you're using cookies or not. There are some posts in the archives that are pretty clear about this -- see the ones from Craig McClanahan, for example. Milt Epstein Research Programmer Integration and Software Engineering (ISE) Campus Information Technologies and Educational Services (CITES) University of Illinois at Urbana-Champaign (UIUC) [EMAIL PROTECTED] -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
