Re: session between domains

Tue, 01 Apr 2003 17:04:07 -0800

Filip,
Right, I think I understand your response, but, I believe I only have 1 webapp on the server.

Regardless, I thank you for your assessment of the problem, and for your helpful suggestion. But I'm not quite sure what you mean:

"then keep track of it yourself"

Are you suggesting that I set the jsessionid in my own cookie? If so, I couldn't find a function to get it, much less another function to use the jsessionid to retrieve the associated session object.

Otherwise, are you suggesting that I just extract the data that I need from the session and set cookies for it all, then grab the cookie data on the secure page?

Could i post to the secure page with the data maybe?

hrmmmm....



Filip Hanik wrote: 
tomcat sessions are not only specific to your domain, but also to the actual
webapp.

tomcat per spec can not share cookies across webapps, even less across
domain.

why dont you set your own cookie, and set the domain to myserver.com, and
then keep track of it yourself

Filip


-----Original Message-----
From: Troy A. Griffitts [mailto:[EMAIL PROTECTED]
Sent: Tuesday, April 01, 2003 4:40 PM
To: [EMAIL PROTECTED]
Subject: session between domains


Hey guys. I have a standard site, say:

http://mysite.myserver.com

And eventually the user gets to a place where we'll need to jump them to
something like:

https://secure.myserver.com

to take their credit card information.  I lose my session when doing
this.  Both URLs point to the same server and are served by the same
webapp-- I can shop the whole site on https://secure.myserver.com/, but
I can't make the jump.

I'm guessing it probably has something to do with my jsessionid being
stored as a cookie.  I was wondering if I could force the
';jsessionid=xxxxxxxx...' to the url or something.


Otherwise, how does one usually handle such a common thing with tomcat?

-Troy.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to