tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "cga" <>
Subject RE: how to maintain session between HTTP and HTTPS?
Date Sat, 09 Dec 2000 07:26:46 GMT
I find it strange that it doesn't maintains session accross http and https.
┬┐Are you redirecting?
Anyway, a not very good way of solving the problem is putting the session in
a hashtable and when you have your user back you retrieve the session from
there (and take it  out). Use a parameter to identify the session (or a
cookie). That is how I solved a similar problem when I had to redirect to
another server and get the answer as a http call.



----- Original Message -----
From: Elijah Roberts <>
To: <>
Sent: Saturday, December 09, 2000 4:11 AM
Subject: Re: how to maintain session between HTTP and HTTPS?

> On Saturday December 09, 2000 Weigen Liang wrote:
> > > I'm trying to find a way to maintain session between
> > > HTTP and HTTPS: some pages (html/jsp),
> > > such as login and credit card info, need to
> > > transported under HTTPS, but the rest does not
> > > need to. I prefer not to spending the extra
> > > cpu circles for unnecessary encryption since
> > > the servers may be under heavy cpu utilization
> > > due to generating images for returning to user.
> > >
> > > Any suggestions?
> Is a normal JSP session not maintained across HTTP and HTTPS. I have
> never tried it out, but I don't see any reason why it shouldn't work.
> Have you tried it and found it to not work? Your email is a little vague.
> Elijah Roberts

View raw message