tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Duncan Smith <j...@deckertelecom.net>
Subject Re: SSL Login, Hotmail style
Date Wed, 02 Jan 2002 10:02:28 GMT
You could generate your own seesion Id (an auto-inc field in a database,
perhaps) then either post this value between pages in a hidden input type, or
pass on the URL for get requests.

Just a suggestion.

Duncan.

Kok Hoor wrote:

> Hi, all ...
>
>     I've been trying to write my own login algorithm that
> mimics Hotmail login.
>
> 1. your browser browse to a http page, in my case, login.jsp.
> 2. When you click on enter to submit your login, the form is
>   posted to a https page, in this case, processLogin.jsp
> 3. If the login is valid, the https page will redirect you to a http page,
> in this case index.jsp
>
> The problem is, in order for this to work, I need to ensure that
> login.jsp has created a session for the user. If I only create a
> session in processLogin, the session will not be available, when user
> access index.jsp, which means:
>
> https -> http ... session created in https will not be visible in http.
> http -> https, session created in http will be visible in https.
>
> Is there any workaround for this?
>
> Regards,
>     Kok Hoor
>
> _________________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com
>
> --
> To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
> Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message