No. I just tried with Netscape 7.1, IE 5.5, and IE 6.0. Same results for all. It's definitely a Tomcat thing. - Dan
> Dan, > > Does it matter which browser you use? I am experiencing (so far without > resolution) problems invalidating and re-establishing sessions and > refreshing pages based on session status when I use IE but have the same > pages operate perfectly under NetScape. > > Murray > -----Original Message----- > From: Dan Lipofsky [mailto:[EMAIL PROTECTED] > Sent: Tuesday, 29 July 2003 06:54 > To: [EMAIL PROTECTED] > Subject: HTTPS session strangeness with Tomcat 4.0.6 > > > I have a login JSP that does a session.setAttribute and all > subsequent pages do a session.getAttribute to ensure the > user is logged in. The login page uses HTTPS and then > redirects to HTTP for subsequent pages. This worked in > Tomcat 3.2.4 but fails in Tomcat 4.0.6, 4.1.24, and 5 alpha. > BUT THE WAY IT FAILS IS PARTICULARLY BIZARRE - it will fail > the first time but work the second time. This is very > consistent. Below are 2 extremely simple JSPs that demo the > problem. The first only sets the attribute and provides a > link to the second. The second displays the attribute. The > first time through it will say "TEST=null". If you then hit > the back button and refresh the first page and click next > again it will say "TEST=TEST_VAL" like it should > > > *** First JSP: https://www3.nuserve.com:8011/testS1.jsp *** > > <% > System.out.println("Setting TEST_KEY=TEST_VAL"); > session.setAttribute("TEST_KEY","TEST_VAL"); > %> > <a href="http://www3.nuserve.com:8010/testS2.jsp";>next</a> > > > *** Second JSP: http://www3.nuserve.com:8010/testS2.jsp *** > > TEST=<%=session.getAttribute("TEST_KEY")%> > > > Does anyone have an idea what causes this or how to fix it? > Thanks, > Dan --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
