Hallo Werner , hallo Jan-Kees, thank you for your answers.
- I do not redirect to another application but to another URL inside the same application. - I do not change from http to https or vice versa. - Werner: I tried to youse handleNavigtion instead of redirect, but unfortunately i didn't succeed as i got an exception. ( I asked this in another request to this news group...) But now I examined once more an found out another strange fact: I loose the session only if the application is called out of a frame. (The application should be embedded into the website of a customer using a frameset :) <frame src="http://localhost:9080/InvestInform/login/iimnall.jsf"; name="anzeige" id="anzeige" title="anzeige" /> If I call the application directly typing the url (http://localhost:9080/InvestInform/login/iimnall.jsf) to safari, I will not loose the session. And still: I only see this using the safari browser; a customer tells me the same behaviour on the internet explorer v8. Cheers Georg 2009/8/27 Jan-Kees van Andel <[email protected]>: > In most cases, redirecting to a different application on the same > server also leads to loss of session data, since the two applications > don't share session state (they do share the same session ID, but not > the same state). > > But I can't come up with a reason why it only happens in Safari... > > Regards, > Jan-Kees > > > 2009/8/27 Werner Punz <[email protected]>: >> You could issue a navigation via the navigation handler. >> But generally I dont thin you should loose the session on a redirect. >> This is standard servlet stuff. >> Do you change domains in between or do you change from https to http? >> >> >> Werner >> >> >> Georg Füchsle schrieb: >>> >>> Hallo! >>> >>> >>> For starting my application the User asks for a special start-url. >>> During the render-phase at a request for this start-url in a certain >>> case I recognize that the user wants a anonymous logon. In this case I >>> set value of a session bean 'mbUser.name=anonymous' and forward the >>> user to another URL. >>> >>> Generally in my application I accept a request, if the sessionscoped >>> value 'mbUser.name' is set. (So I know that the user had logged on >>> sucessfully.) >>> >>> This works very well since some months. >>> >>> But now when I do so with a safari-browser after the redirect the >>> session scoped value mbUser.name is lost and the application will deny >>> an access. >>> A customer told me he has the same effect with Internet Explorer >>> Version 8, but I can only reproduce this problem with safari. >>> >>> >>> There is another logon mechanism to this application that works >>> without redirect. In this way the session scoped values are not lost >>> and the application can be used. >>> >>> >>> So the problem is: >>> >>> The value of a sessionscoped Bean is lost after redirecting the reqest >>> (only) when using a Safari browser. >>> For redirecting I call: >>> ...getFacesContext().getExternalContext().redirect(newUrl); >>> >>> >>> >>> Can anybody give me a hint? >>> >>> Thanks Georg >>> >> >> >
