Return-Path: 
 <tomcat-user-return-125981-apmail-jakarta-tomcat-user-archive=jakarta.apache.org@jakarta.apache.org>
Delivered-To: apmail-jakarta-tomcat-user-archive@www.apache.org
Received: (qmail 81427 invoked from network); 2 May 2005 12:53:08 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 2 May 2005 12:53:08 -0000
Received: (qmail 93970 invoked by uid 500); 2 May 2005 12:54:03 -0000
Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org
Received: (qmail 93953 invoked by uid 500); 2 May 2005 12:54:03 -0000
Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
List-Subscribe: <mailto:tomcat-user-subscribe@jakarta.apache.org>
List-Help: <mailto:tomcat-user-help@jakarta.apache.org>
List-Post: <mailto:tomcat-user@jakarta.apache.org>
List-Id: "Tomcat Users List" <tomcat-user.jakarta.apache.org>
Reply-To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Delivered-To: mailing list tomcat-user@jakarta.apache.org
Received: (qmail 93940 invoked by uid 99); 2 May 2005 12:54:03 -0000
X-ASF-Spam-Status: No, hits=0.1 required=10.0
	tests=FORGED_RCVD_HELO
X-Spam-Check-By: apache.org
Received-SPF: neutral (hermes.apache.org: local policy)
Received: from r200-40-173-210.adsl.anteldata.net.uy (HELO
 melbourne.uy.manentiasoftware.com) (200.40.173.210)
  by apache.org (qpsmtpd/0.28) with ESMTP; Mon, 02 May 2005 05:54:03 -0700
Received: from [192.168.0.23] (softdnserr [::ffff:192.168.0.1])
  (AUTH: PLAIN fpena)
  by melbourne.uy.manentiasoftware.com with esmtp;
 Mon, 02 May 2005 09:51:55 -0300
  id 0003C03D.4276226B.00006905
Message-ID: <42762305.5050501@adinet.com.uy>
Date: Mon, 02 May 2005 09:54:29 -0300
From: Fabian Pena <fpena@adinet.com.uy>
User-Agent: Mozilla Thunderbird 0.9 (Windows/20041103)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: tomcat-user@jakarta.apache.org
Subject: Moving from http to https doesnt expire session
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Checked: Checked
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

hi all

I have a simple question, at least I think that.
I am developing an applicatin that contains confidential information,
and I'm having a simple problem.
when a user move from http to https de session doesnt expire, the
jsessionid is the same.
I want generate a new session and of course change de jsessionid in the
first https request.

Any one can help me.

Thanks in advance

Fabian

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org