I have a login JSP that does a session.setAttribute and all subsequent pages do a session.getAttribute to ensure the user is logged in. The login page uses HTTPS and then redirects to HTTP for subsequent pages. This worked in Tomcat 3.2.4 but fails in Tomcat 4.0.6, 4.1.24, and 5 alpha. BUT THE WAY IT FAILS IS PARTICULARLY BIZARRE - it will fail the first time but work the second time. This is very consistent. Below are 2 extremely simple JSPs that demo the problem. The first only sets the attribute and provides a link to the second. The second displays the attribute. The first time through it will say "TEST=null". If you then hit the back button and refresh the first page and click next again it will say "TEST=TEST_VAL" like it should
*** First JSP: https://www3.nuserve.com:8011/testS1.jsp *** <% System.out.println("Setting TEST_KEY=TEST_VAL"); session.setAttribute("TEST_KEY","TEST_VAL"); %> <a href="http://www3.nuserve.com:8010/testS2.jsp";>next</a> *** Second JSP: http://www3.nuserve.com:8010/testS2.jsp *** TEST=<%=session.getAttribute("TEST_KEY")%> Does anyone have an idea what causes this or how to fix it? Thanks, Dan --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
