Thanks
But how do I gain access to this 'ssl session'? I can find o mention of it
in the doc.
Thanks
Eric
-Original Message-
From: Lorin Kobashigawa [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 02, 2000 3:10 PM
To: Orion-Interest
Subject: Re: SSL and HttpServletRequest.getRequestedSessionId()
There are actually two sessions involved in SSL. The ssl session, and the
http session. The ssl session is probably returning true before the http
session has been instantiated.
I ran into this problem with session timeouts. Make sure to use
shared="true" in your secure-site.xml, or your ssl sessions will timeout at
a different time than your http sessions. (after about 60-90 sec)
-Lkb
At 12:40 PM 10/2/00 -0500, Walker, Eric wrote:
When accessing a web site configured for SSL I have noticed that
calling HttpServletRequest.getRequestedSessionId() for a client that has
not yet joined a session returns a non null value. The same scenario for a
non-SSL site always returns a null. Any ideas why there is a difference
between SSL vs. non-SSL? Thanks Eric
/**
* @author: Lorin Kobashigawa-Bates [EMAIL PROTECTED]
* @title: CodeMonkey / COO - Robot6 Inc.
* @phone: 415.345.8872
* @addr: 1177 Polk St. San Francisco, CA 94109
*/
