tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-francois Arcand <jeanfrancois.arc...@sun.com>
Subject Re: SSL Session x Non SSL Session Problem
Date Thu, 08 Aug 2002 19:51:22 GMT


Jose Francisco Junior wrote:

>Please,
>
>Does anybody know anything about the problem below !!!
>
>I can't share an session object that was instatiated on a
> SSL connection with a NON SSL connection.
>
>I am trying to authenticate users using a SSL connection
> and after the authentication I forward the request to an
> Non-SSL connection but the session object is invalidated.
>
>How can I solve this problem ?
>
The only solution I recommend is to use SSL for all connections (or not 
use at all). The ID associated with the SSL session will certainly not 
the same as the one created without SSL (how is the Principal (user, 
password) get passed. If it was, how can you differenciate an 
authenticated user?

-- Jeanfrancois

>
>Thanks in advance,
>Junior
>________________________________________________
>Don't E-Mail, ZipMail! http://www.zipmail.com/
>
>--
>To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
>For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>
>
>  
>

-- 
Jean-Francois Arcand
Java and XML Software, Sun Microsystems 
450.224.475



--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message