Hi Kumaraswamy,
Only other way I see is hidden form variable. Instead appending the
jsession id to URL send it as hidden form variable. I think you will
need to make all your requests POST requests.
Thanks,
Raj
Kumaraswamy nandipati wrote:
Thanks Raj.
I am re-writing my mail. Please ignore my previous mail.
Explaining a bit more about my problem. I am trying to launch mobile version
of my store(developed on ofbiz). Most of mobiles won't support cookies. So,
I want to implement my storefront without cookies. As your suggestion OOTB,
appending JSESSIONID with every URL is lil bit unsecure. Because, MITM
attack chances will be more with this.
*Is there any other solution for switching between http and https smoothly
once(first time into https) logged in @ cookies disabled by customer??????*
*
*
*Is this problem in ofbiz or already in tomcat also??*
* *
*. *
On Sun, Nov 8, 2009 at 11:54 AM, Kumaraswamy nandipati <
kumarasw...@ecomzera.com> wrote:
Thanks Raj.
Explaining a bit more about my problem. I am trying to launch mobile
version of my store(developed on ofbiz). Most of mobiles won't support
cookies. So, I want to implement my storefront without cookies. As your
suggestion OOTB, appending JSESSIONID with every URL is lil bit unsecure.
Because, MITM attack chances will be more with this.
*Is there any other solution for switching between http and https smoothly
once(first time) logged in without using cookies????*.
On Sat, Nov 7, 2009 at 10:17 PM, Raj Saini <rajsa...@gmail.com> wrote:
Hi Hemanth,
Can you explain a bit more please? What do you mean "when moving".
Thanks,
Raj
Hemanth Kumar Kanamarlapudi wrote:
Hi All,
Even i am facing this same problem of logging out in my ofbiz application
when moving. Your help is appreciated.
Regards
Hemanth
________________________________________
From: Raj Saini [rajsa...@gmail.com]
Sent: 07 November 2009 20:37
To: user@ofbiz.apache.org
Subject: Re: switching between http and https without cookies possible in
ofbiz?????
Kumaraswamy,
If you disbable the cookies every URL must have a jsession id. This
works fine OOTB when switching one protocol to another and jsessionid is
appended to the URL. Your's is custom code or you are using OOTB?
Thanks,
Raj
Kumaraswamy nandipati wrote:
Hi All,
I am not a tech savvy. Please pull me out of this problem.
Problem: I am browsing with "Disable Cookies" option for my ofbiz site.
When
ever, I switch from http to https it is asking me to login. I saw that
ofbiz
sets JSESSIONID as a cookie in normal browsing(cookie enabled).
Q1) Is this problem only in ofbiz or default from tomcat. I am
questioning
because ofbiz internally uses tomcat instance??.
Q2) Is there any solution for switching between http and https other
than
cookies??? Because, I want my "cookie-disabled customers" to browse
successfully on my site to place order??.
http://www.mindtree.com/email/disclaimer.html
--
Thanks,
Kumaraswamy.N
91-9866805250.
