tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From krusek <kru...@comcast.net>
Subject Re: Session lost when switching from https to http after upgrade to Tomcat 6
Date Fri, 06 Jun 2008 19:11:22 GMT

We use tomcat forms authentication and it is cookies being used. 

There are 3 cookies,  JSESSONIDSSO, test and JSESSONID.
Not sure how you tell if its marked secure?   The test cookie is for testing
to assure cookies are enabled.

Thanks for your help!

 


Rainer Jung-3 wrote:
> 
> krusek wrote:
>> I have Apache 2 with SSL,  mod_jk connection, and Tomcat.  Everything has
>> worked peachy from one tomcat upgrade after another.  However now I
>> upgraded
>> to tomcat 6 and I am loosing the session when switching from https to
>> http
>> within the same domain.
>> 
>> For clarity,  Apache 2 is handling SSL not tomcat.  
>> 
>> Does anyone know why this is happening?
> 
> Are you using cookies for the sessions (JSESSIONID cookie) or URL 
> encoding (";jsessionid=")?
> 
> Is some cookie flagged as being "secure"?
> You can check how the cookie looks like e.g. using Firefox (Preferences 
> - Privacy - Cookies).
> 
>> Thanks!
>> 
>> Kevin
> 
> Regards,
> 
> Rainer
> 
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Session-lost-when-switching-from-https-to-http-after-upgrade-to-Tomcat-6-tp17658157p17699292.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message