Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@www.apache.org Received: (qmail 71172 invoked from network); 13 Nov 2003 14:48:01 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 13 Nov 2003 14:48:01 -0000 Received: (qmail 29558 invoked by uid 500); 13 Nov 2003 14:47:34 -0000 Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org Received: (qmail 29543 invoked by uid 500); 13 Nov 2003 14:47:34 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 29529 invoked from network); 13 Nov 2003 14:47:33 -0000 Received: from unknown (HELO moutng.kundenserver.de) (212.227.126.184) by daedalus.apache.org with SMTP; 13 Nov 2003 14:47:33 -0000 Received: from [212.227.126.155] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1AKIkw-0006xI-00 for tomcat-user@jakarta.apache.org; Thu, 13 Nov 2003 15:47:34 +0100 Received: from [80.128.23.242] (helo=cyberspaceroad.com) by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1) id 1AKIkw-00033U-00 for tomcat-user@jakarta.apache.org; Thu, 13 Nov 2003 15:47:34 +0100 Message-ID: <3FB39953.2050407@cyberspaceroad.com> Date: Thu, 13 Nov 2003 15:46:43 +0100 From: Adam Hardy User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031007 X-Accept-Language: en, en-us, de-de MIME-Version: 1.0 To: Tomcat Users List Subject: Re: Sessions - SSL References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N On 11/13/2003 03:07 PM Harry Mantheakis wrote: >>I doubt very much that this implementation is container-specific to >>tomcat. Did you try searching on 'user-data-constraint' or 'confidential'? > > Yes, I did a search for those, but it did not shed any more light on whether > or not (and how) cookies created with an SSL connection are visible or > accessible to non-SSL requests. Cookies!? I'm out of my depth now. I was previously talking about going from HTTP to HTTPS as well, but it seems you are required to do the opposite direction. I guess you'll have to wait for the other more qualified listers for an answer. Adam -- struts 1.1 + tomcat 5.0.12 + java 1.4.2 Linux 2.4.20 RH9 --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org