tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrés González" <ang...@gmail.com>
Subject Re: session drop from https to http
Date Mon, 28 Aug 2006 15:45:54 GMT
What is the reason to mix http and https? Why don't you serve all your
pages with https? I think the "performance" argument is not relevant
anymore...

On 8/28/06, Duong BaTien <duong.batien@gmail.com> wrote:
> Greetings:
>
> I have the same problem and look for any suggested solution. In my case,
> any user coming to the site has a session tag with username such as
> Guest-xxx. The user is dynamically directed to secure (https) and
> non-secure (http) section depending on the requested resources.
> Currently, a user needs to signOn twice with the same username before
> the identified session is sticked.
>
> Thanks.
>
> On Mon, 2006-08-28 at 13:20 +0200, Amir S wrote:
> > Hi,
> >
> > Please note that the problem I describe only happen in the first time the
> > HTTP and HTTPS combination is performed.
> > For example if I use http and then https and then http the session stays the
> > same.
> > But if I start with https and then http then the session drops and a new
> > session is allocated and then if I move to https and the http every thing is
> > then fine.
> > Any ideas how to resolve this problem?
> >
> > Thanks
> > Amir
> >
> >
> > -----Original Message-----
> > From: josemanuel lopez [mailto:josemanuellopez@yahoo.com]
> > Sent: Monday, August 28, 2006 1:00 AM
> > To: Tomcat Users List
> > Subject: Re: session drop from https to http
> >
> >
> > Hi
> >
> > The reazon is because the seesion is  created with
> > info  from the call: example: IP address,  Port Etc,
> > and  Tomcat has to  create  a new session because the
> > info is different, I'm being trying to find a solution
> > for this problem, but still I'm working on that. I'll
> > keep you  posted...or if you  find a solution please
> > forward that  to me
> >
> > Thanks
> >
> > --- Amir S <amir@lastversion.com> wrote:
> >
> > > Hi All,
> > >
> > > I have a Jakarta 5.0.28.
> > > When entering the tomcat first
> > > https://127.0.0.1/a.jsp and then
> > > http://127.0.0.1/b.jsp
> > > The sessionID changes?!
> > > In the revise (http://127.0.0.1/b.jsp and then
> > > https://127.0.0.1/a.jsp)
> > > order it does not, why is that?!
> > > How can I fix it?
> > > Please note that the different is in the HTTPS and
> > > HTTP order.
> > >
> > > Regards,
> > > Amir S
> > >
> > >
> > >
> > >
> > >
> > ---------------------------------------------------------------------
> > > To start a new topic, e-mail:
> > > users@tomcat.apache.org
> > > To unsubscribe, e-mail:
> > > users-unsubscribe@tomcat.apache.org
> > > For additional commands, e-mail:
> > > users-help@tomcat.apache.org
> > >
> > >
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam?  Yahoo! Mail has the best spam protection around
> > http://mail.yahoo.com
> >
> > ---------------------------------------------------------------------
> > To start a new topic, e-mail: users@tomcat.apache.org
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
> >
> > ---------------------------------------------------------------------
> > To start a new topic, e-mail: users@tomcat.apache.org
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>


-- 

-=-=-=-=-=-=-=-=-=-=-=-=-
Andrés González.

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message