| Author |
Maintaining Session over HTTPS and HTTP
|
Manuel Moons
Ranch Hand
Joined: Mar 05, 2002
Posts: 229
|
|
Hello everyone,
Does anybody know if there is a way to configure a JBOSS server so it shares the same HTTPSession ,created using a HTTPS connection, over a HTTP and HTTPS connection.
I have a login servlet that uses https. In the httpsession some user information is stored. The next time I connect to the server using a HTTP connection the session is new. The cookie stored on the client states that it is a secure cookie. The client(browser) does not send it along when I connect using HTTP.
|
 |
Ben Souther
Sheriff
Joined: Dec 11, 2004
Posts: 13410
|
|
That is the expected behaviour.
You'll have to code around it.
|
Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
|
|
Manuel Moons
Ranch Hand
Joined: Mar 05, 2002
Posts: 229
|
|
Ok, standard behaviour for JBoss?
But I found a setting in Weblogic that makes it configurable. A session can be shared there. (At least that's what I understood there.)
|
|
Ben Souther
Sheriff
Joined: Dec 11, 2004
Posts: 13410
|
|
AFAIK, it's standard for J2EE or SSL. Jboss uses Tomcat as it's servlet container, and I don't know of a way to change this behaviour in Tomcat.
That you found a setting in Weblogic tells me that I may be wrong about this.
|
|
 |
|
|
subject: Maintaining Session over HTTPS and HTTP
|
|
|
0
