tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ismael Blesa Part" <>
Subject Strange behavious with session creation on http and https
Date Mon, 07 Jun 2004 14:10:06 GMT

I have set two connectors http and https. I have my webapp that is 
served by these two connectors.

I have discovered a strange behaviour with tomcat accessing through http 
and https.

If I open a browser to connect to http:
    - tomcat creates a session
    - my webapp receives the request and returns a page.

This is normal, but if I change (on the same window) the protocol and 
the port to use the https connector,
    - tomcat does not create a new session, it use the old one created 
on the http access
    - my webapp receives the request, but it already has objects on the 

However, If I connect first to https and then I change to http, I will 
have two sessions, one for https and the other one to http.

Should not it generate a new session when a change on the protocol is 
done ??

I have tested this on tomcat 4.1.29, 5.0.25 with java 1.3.1 and 1.4.2 on 
linux (mandrake 10 and red hat enterprise)
Browsers tested IExplorer and Mozilla 1.6

To verify this, I have created a JSP that shows all the data related 
with sessions
if (request!=null) {
out.println("<br>request.getRequestedSessionId() = 
out.println("<br>request.isRequestedSessionIdFromCookie = 
HttpSession misession=request.getSession(false);
if (misession!=null) {
out.println("<br>la sesion se recupera del request ");
out.println("<br>request.getSession(false).getId() = "+misession.getId());
out.println("<br>request.getSession(false).isNew() = "+misession.isNew());


out.println("<br>request.isRequestedSessionIdFromURL() = 
out.println("<br>request.isRequestedSessionIdValid() = 
if (session!=null) {
out.println("<br>session.getId() = "+session.getId());
out.println("<br>session.isNew() = "+session.isNew());

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message