Thanks Raj. I am re-writing my mail. Please ignore my previous mail.
Explaining a bit more about my problem. I am trying to launch mobile version of my store(developed on ofbiz). Most of mobiles won't support cookies. So, I want to implement my storefront without cookies. As your suggestion OOTB, appending JSESSIONID with every URL is lil bit unsecure. Because, MITM attack chances will be more with this. *Is there any other solution for switching between http and https smoothly once(first time into https) logged in @ cookies disabled by customer??????* * * *Is this problem in ofbiz or already in tomcat also??* * * *. * On Sun, Nov 8, 2009 at 11:54 AM, Kumaraswamy nandipati < kumarasw...@ecomzera.com> wrote: > Thanks Raj. > > Explaining a bit more about my problem. I am trying to launch mobile > version of my store(developed on ofbiz). Most of mobiles won't support > cookies. So, I want to implement my storefront without cookies. As your > suggestion OOTB, appending JSESSIONID with every URL is lil bit unsecure. > Because, MITM attack chances will be more with this. > > > *Is there any other solution for switching between http and https smoothly > once(first time) logged in without using cookies????*. > > > > On Sat, Nov 7, 2009 at 10:17 PM, Raj Saini <rajsa...@gmail.com> wrote: > >> Hi Hemanth, >> >> Can you explain a bit more please? What do you mean "when moving". >> >> Thanks, >> >> Raj >> >> >> Hemanth Kumar Kanamarlapudi wrote: >> >>> Hi All, >>> >>> Even i am facing this same problem of logging out in my ofbiz application >>> when moving. Your help is appreciated. >>> >>> Regards >>> Hemanth >>> >>> ________________________________________ >>> From: Raj Saini [rajsa...@gmail.com] >>> Sent: 07 November 2009 20:37 >>> To: user@ofbiz.apache.org >>> Subject: Re: switching between http and https without cookies possible in >>> ofbiz????? >>> >>> Kumaraswamy, >>> >>> If you disbable the cookies every URL must have a jsession id. This >>> works fine OOTB when switching one protocol to another and jsessionid is >>> appended to the URL. Your's is custom code or you are using OOTB? >>> >>> Thanks, >>> >>> Raj >>> >>> Kumaraswamy nandipati wrote: >>> >>> >>>> Hi All, >>>> >>>> I am not a tech savvy. Please pull me out of this problem. >>>> >>>> Problem: I am browsing with "Disable Cookies" option for my ofbiz site. >>>> When >>>> ever, I switch from http to https it is asking me to login. I saw that >>>> ofbiz >>>> sets JSESSIONID as a cookie in normal browsing(cookie enabled). >>>> >>>> Q1) Is this problem only in ofbiz or default from tomcat. I am >>>> questioning >>>> because ofbiz internally uses tomcat instance??. >>>> >>>> Q2) Is there any solution for switching between http and https other >>>> than >>>> cookies??? Because, I want my "cookie-disabled customers" to browse >>>> successfully on my site to place order??. >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>> >>> http://www.mindtree.com/email/disclaimer.html >>> >>> >>> >> >> > > > -- > Thanks, > Kumaraswamy.N > 91-9866805250. > -- Thanks, Kumaraswamy.N 91-9866805250.