tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hassan Schroeder <has...@webtuitive.com>
Subject Re: tomcat 5 combined http and https, same session
Date Tue, 25 Oct 2005 00:30:41 GMT
Rob wrote:

> to run https for some pages in my webapp, and http for other pages, using
> the same session.  It's working where I can redirect from http to https (see
> the web.xml security constraint block below), but then I'm in https for all
> web pages, and if I type http at the URL, the session goes away.  What I'm
> aiming for is a webapp where account info is secure and general web pages
> are http, and the session is preserved.

In that exact scenario I'm using a Filter to redirect URLs that
don't need to be secure back to http, and I've never (/me knocks
on nearest wooden object!) had a problem with sessions dropping.

FWIW!
-- 
Hassan Schroeder ----------------------------- hassan@webtuitive.com
Webtuitive Design ===  (+1) 408-938-0567   === http://webtuitive.com

                          dream.  code.



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message