Hi all - just worked this one out I think
The shared attribute i think allows 2 web apps THAT HAVE THE SAME NAME to
share sessions
As soon as I specified
<default-web-app application="sectest" name="sectest-web" shared="true"/>
as the default web app in both web-site.xml files then session sharing
started to work
I can now run a https and http version of my web app at the same time and
have sessions shared between the 2 web apps
The only thing I have to work out now is how to elegantly intercept
requests, work out whether they should be using https or http, and then
redirect them to use the correct protocol
I thought that maybe servlet filtering would be a good way of doing this?
eg any url that contains "/secure" in it could be redirected to https, while
all others would use plain old http.
Has anyone done this before? Anyone have any good examples/ideas?
Thanks
Matt
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Matt Krevs
Sent: Tuesday, 20 March 2001 1:23 PM
To: Orion-Interest
Subject: Sharing sessions between sites
I am having a few problems sharing sessions between a secure and a
non-secure web site
Having read various posts to the forum I thought that adding shared="true"
to the default-web-app element in each web-site.xml would do the trick. Not
for me. Each web site is creating its own session when it is hit for the
first time (within the same browser window)
So...
I have 2 web apps.
They both use the same application (as specified in server.xml).
Each web app has its own web-site.xml
One of the web apps is secured ie SSL.
web-site.xml for the non-secure site is as follows
--------------------------------------------------
<?xml version="1.0"?>
<!DOCTYPE web-site PUBLIC "Orion Web-site"
"http://www.orionserver.com/dtds/web-site.dtd">
<web-site host="[ALL]" port="80" display-name="SecTest site">
<default-web-app application="sectest" name="sectest-web" shared="true"
load-on-startup="true"/>
<access-log path="log/default-web-access.log" />
</web-site>
web-site.xml for the secure site is as follows
----------------------------------------------
<?xml version="1.0"?>
<!DOCTYPE web-site PUBLIC "Orion Web-site"
"http://www.orionserver.com/dtds/web-site.dtd">
<web-site host="[ALL]" secure="true" display-name="SecTest secure site">
<default-web-app application="sectest" name="sectestsecure-web"
shared="true" load-on-startup="true"/>
<ssl-config keystore="keystore" keystore-password="123456" />
<access-log path="log/default-web-access.log" />
</web-site>
Can anyone see what I'm doing wrong? I assume what I'm trying to do is
possible.
Thanks
Matt
