Re: switching between http and https without cookies possible in ofbiz?????
Hi Raj, By URL rewriting for https links solving my problem. I am able achieve this by using pre-defined class *OfbizUrlTransform*(not yet practiced with this. My Research seems it fits). Thanks one and all for your suggestions. On Mon, Nov 9, 2009 at 12:06 PM, Raj Saini rajsa...@gmail.com wrote: I do not think it is due to SSL certificate. You are logged out because a new session is created as session id is not carried forward when you are redirected from Paypal. Solution I see is to pass the session id to your call back URL. So when paypal calls back there should be session id in the request. Yes, session id will be part of the query. Thanks, Raj Hemanth Kumar Kanamarlapudi wrote: Hi Raj, This is mainly because of switching between http and https. We are transferring our control to third party paypal site for payment and on return of that we are transferring to another https page and there we are getting logging out. This behavior is not regular, some times logging out and some times not. Is it due to SSL certificate? Regards Hemanth -Original Message- From: Raj Saini [mailto:rajsa...@gmail.com] Sent: Saturday, November 07, 2009 10:17 PM To: user@ofbiz.apache.org Subject: Re: switching between http and https without cookies possible in ofbiz? Hi Hemanth, Can you explain a bit more please? What do you mean when moving. Thanks, Raj Hemanth Kumar Kanamarlapudi wrote: Hi All, Even i am facing this same problem of logging out in my ofbiz application when moving. Your help is appreciated. Regards Hemanth From: Raj Saini [rajsa...@gmail.com] Sent: 07 November 2009 20:37 To: user@ofbiz.apache.org Subject: Re: switching between http and https without cookies possible in ofbiz? Kumaraswamy, If you disbable the cookies every URL must have a jsession id. This works fine OOTB when switching one protocol to another and jsessionid is appended to the URL. Your's is custom code or you are using OOTB? Thanks, Raj Kumaraswamy nandipati wrote: Hi All, I am not a tech savvy. Please pull me out of this problem. Problem: I am browsing with Disable Cookies option for my ofbiz site. When ever, I switch from http to https it is asking me to login. I saw that ofbiz sets JSESSIONID as a cookie in normal browsing(cookie enabled). Q1) Is this problem only in ofbiz or default from tomcat. I am questioning because ofbiz internally uses tomcat instance??. Q2) Is there any solution for switching between http and https other than cookies??? Because, I want my cookie-disabled customers to browse successfully on my site to place order??. http://www.mindtree.com/email/disclaimer.html -- Thanks, Kumaraswamy.N 91-9866805250.
Re: switching between http and https without cookies possible in ofbiz?????
Hi Kumaraswamy, Only other way I see is hidden form variable. Instead appending the jsession id to URL send it as hidden form variable. I think you will need to make all your requests POST requests. Thanks, Raj Kumaraswamy nandipati wrote: Thanks Raj. I am re-writing my mail. Please ignore my previous mail. Explaining a bit more about my problem. I am trying to launch mobile version of my store(developed on ofbiz). Most of mobiles won't support cookies. So, I want to implement my storefront without cookies. As your suggestion OOTB, appending JSESSIONID with every URL is lil bit unsecure. Because, MITM attack chances will be more with this. *Is there any other solution for switching between http and https smoothly once(first time into https) logged in @ cookies disabled by customer??* * * *Is this problem in ofbiz or already in tomcat also??* * * *. * On Sun, Nov 8, 2009 at 11:54 AM, Kumaraswamy nandipati kumarasw...@ecomzera.com wrote: Thanks Raj. Explaining a bit more about my problem. I am trying to launch mobile version of my store(developed on ofbiz). Most of mobiles won't support cookies. So, I want to implement my storefront without cookies. As your suggestion OOTB, appending JSESSIONID with every URL is lil bit unsecure. Because, MITM attack chances will be more with this. *Is there any other solution for switching between http and https smoothly once(first time) logged in without using cookies*. On Sat, Nov 7, 2009 at 10:17 PM, Raj Saini rajsa...@gmail.com wrote: Hi Hemanth, Can you explain a bit more please? What do you mean when moving. Thanks, Raj Hemanth Kumar Kanamarlapudi wrote: Hi All, Even i am facing this same problem of logging out in my ofbiz application when moving. Your help is appreciated. Regards Hemanth From: Raj Saini [rajsa...@gmail.com] Sent: 07 November 2009 20:37 To: user@ofbiz.apache.org Subject: Re: switching between http and https without cookies possible in ofbiz? Kumaraswamy, If you disbable the cookies every URL must have a jsession id. This works fine OOTB when switching one protocol to another and jsessionid is appended to the URL. Your's is custom code or you are using OOTB? Thanks, Raj Kumaraswamy nandipati wrote: Hi All, I am not a tech savvy. Please pull me out of this problem. Problem: I am browsing with Disable Cookies option for my ofbiz site. When ever, I switch from http to https it is asking me to login. I saw that ofbiz sets JSESSIONID as a cookie in normal browsing(cookie enabled). Q1) Is this problem only in ofbiz or default from tomcat. I am questioning because ofbiz internally uses tomcat instance??. Q2) Is there any solution for switching between http and https other than cookies??? Because, I want my cookie-disabled customers to browse successfully on my site to place order??. http://www.mindtree.com/email/disclaimer.html -- Thanks, Kumaraswamy.N 91-9866805250.
RE: switching between http and https without cookies possible in ofbiz?????
Hi Raj, This is mainly because of switching between http and https. We are transferring our control to third party paypal site for payment and on return of that we are transferring to another https page and there we are getting logging out. This behavior is not regular, some times logging out and some times not. Is it due to SSL certificate? Regards Hemanth -Original Message- From: Raj Saini [mailto:rajsa...@gmail.com] Sent: Saturday, November 07, 2009 10:17 PM To: user@ofbiz.apache.org Subject: Re: switching between http and https without cookies possible in ofbiz? Hi Hemanth, Can you explain a bit more please? What do you mean when moving. Thanks, Raj Hemanth Kumar Kanamarlapudi wrote: Hi All, Even i am facing this same problem of logging out in my ofbiz application when moving. Your help is appreciated. Regards Hemanth From: Raj Saini [rajsa...@gmail.com] Sent: 07 November 2009 20:37 To: user@ofbiz.apache.org Subject: Re: switching between http and https without cookies possible in ofbiz? Kumaraswamy, If you disbable the cookies every URL must have a jsession id. This works fine OOTB when switching one protocol to another and jsessionid is appended to the URL. Your's is custom code or you are using OOTB? Thanks, Raj Kumaraswamy nandipati wrote: Hi All, I am not a tech savvy. Please pull me out of this problem. Problem: I am browsing with Disable Cookies option for my ofbiz site. When ever, I switch from http to https it is asking me to login. I saw that ofbiz sets JSESSIONID as a cookie in normal browsing(cookie enabled). Q1) Is this problem only in ofbiz or default from tomcat. I am questioning because ofbiz internally uses tomcat instance??. Q2) Is there any solution for switching between http and https other than cookies??? Because, I want my cookie-disabled customers to browse successfully on my site to place order??. http://www.mindtree.com/email/disclaimer.html
Re: switching between http and https without cookies possible in ofbiz?????
I do not think it is due to SSL certificate. You are logged out because a new session is created as session id is not carried forward when you are redirected from Paypal. Solution I see is to pass the session id to your call back URL. So when paypal calls back there should be session id in the request. Yes, session id will be part of the query. Thanks, Raj Hemanth Kumar Kanamarlapudi wrote: Hi Raj, This is mainly because of switching between http and https. We are transferring our control to third party paypal site for payment and on return of that we are transferring to another https page and there we are getting logging out. This behavior is not regular, some times logging out and some times not. Is it due to SSL certificate? Regards Hemanth -Original Message- From: Raj Saini [mailto:rajsa...@gmail.com] Sent: Saturday, November 07, 2009 10:17 PM To: user@ofbiz.apache.org Subject: Re: switching between http and https without cookies possible in ofbiz? Hi Hemanth, Can you explain a bit more please? What do you mean when moving. Thanks, Raj Hemanth Kumar Kanamarlapudi wrote: Hi All, Even i am facing this same problem of logging out in my ofbiz application when moving. Your help is appreciated. Regards Hemanth From: Raj Saini [rajsa...@gmail.com] Sent: 07 November 2009 20:37 To: user@ofbiz.apache.org Subject: Re: switching between http and https without cookies possible in ofbiz? Kumaraswamy, If you disbable the cookies every URL must have a jsession id. This works fine OOTB when switching one protocol to another and jsessionid is appended to the URL. Your's is custom code or you are using OOTB? Thanks, Raj Kumaraswamy nandipati wrote: Hi All, I am not a tech savvy. Please pull me out of this problem. Problem: I am browsing with Disable Cookies option for my ofbiz site. When ever, I switch from http to https it is asking me to login. I saw that ofbiz sets JSESSIONID as a cookie in normal browsing(cookie enabled). Q1) Is this problem only in ofbiz or default from tomcat. I am questioning because ofbiz internally uses tomcat instance??. Q2) Is there any solution for switching between http and https other than cookies??? Because, I want my cookie-disabled customers to browse successfully on my site to place order??. http://www.mindtree.com/email/disclaimer.html
Re: switching between http and https without cookies possible in ofbiz?????
Kumaraswamy, If you disbable the cookies every URL must have a jsession id. This works fine OOTB when switching one protocol to another and jsessionid is appended to the URL. Your's is custom code or you are using OOTB? Thanks, Raj Kumaraswamy nandipati wrote: Hi All, I am not a tech savvy. Please pull me out of this problem. Problem: I am browsing with Disable Cookies option for my ofbiz site. When ever, I switch from http to https it is asking me to login. I saw that ofbiz sets JSESSIONID as a cookie in normal browsing(cookie enabled). Q1) Is this problem only in ofbiz or default from tomcat. I am questioning because ofbiz internally uses tomcat instance??. Q2) Is there any solution for switching between http and https other than cookies??? Because, I want my cookie-disabled customers to browse successfully on my site to place order??.
RE: switching between http and https without cookies possible in ofbiz?????
Hi All, Even i am facing this same problem of logging out in my ofbiz application when moving. Your help is appreciated. Regards Hemanth From: Raj Saini [rajsa...@gmail.com] Sent: 07 November 2009 20:37 To: user@ofbiz.apache.org Subject: Re: switching between http and https without cookies possible in ofbiz? Kumaraswamy, If you disbable the cookies every URL must have a jsession id. This works fine OOTB when switching one protocol to another and jsessionid is appended to the URL. Your's is custom code or you are using OOTB? Thanks, Raj Kumaraswamy nandipati wrote: Hi All, I am not a tech savvy. Please pull me out of this problem. Problem: I am browsing with Disable Cookies option for my ofbiz site. When ever, I switch from http to https it is asking me to login. I saw that ofbiz sets JSESSIONID as a cookie in normal browsing(cookie enabled). Q1) Is this problem only in ofbiz or default from tomcat. I am questioning because ofbiz internally uses tomcat instance??. Q2) Is there any solution for switching between http and https other than cookies??? Because, I want my cookie-disabled customers to browse successfully on my site to place order??. http://www.mindtree.com/email/disclaimer.html
Re: switching between http and https without cookies possible in ofbiz?????
Hi Hemanth, Can you explain a bit more please? What do you mean when moving. Thanks, Raj Hemanth Kumar Kanamarlapudi wrote: Hi All, Even i am facing this same problem of logging out in my ofbiz application when moving. Your help is appreciated. Regards Hemanth From: Raj Saini [rajsa...@gmail.com] Sent: 07 November 2009 20:37 To: user@ofbiz.apache.org Subject: Re: switching between http and https without cookies possible in ofbiz? Kumaraswamy, If you disbable the cookies every URL must have a jsession id. This works fine OOTB when switching one protocol to another and jsessionid is appended to the URL. Your's is custom code or you are using OOTB? Thanks, Raj Kumaraswamy nandipati wrote: Hi All, I am not a tech savvy. Please pull me out of this problem. Problem: I am browsing with Disable Cookies option for my ofbiz site. When ever, I switch from http to https it is asking me to login. I saw that ofbiz sets JSESSIONID as a cookie in normal browsing(cookie enabled). Q1) Is this problem only in ofbiz or default from tomcat. I am questioning because ofbiz internally uses tomcat instance??. Q2) Is there any solution for switching between http and https other than cookies??? Because, I want my cookie-disabled customers to browse successfully on my site to place order??. http://www.mindtree.com/email/disclaimer.html
Re: switching between http and https without cookies possible in ofbiz?????
Thanks Raj. Explaining a bit more about my problem. I am trying to launch mobile version of my store(developed on ofbiz). Most of mobiles won't support cookies. So, I want to implement my storefront without cookies. As your suggestion OOTB, appending JSESSIONID with every URL is lil bit unsecure. Because, MITM attack chances will be more with this. *Is there any other solution for switching between http and https smoothly once(first time) logged in without using cookies*. On Sat, Nov 7, 2009 at 10:17 PM, Raj Saini rajsa...@gmail.com wrote: Hi Hemanth, Can you explain a bit more please? What do you mean when moving. Thanks, Raj Hemanth Kumar Kanamarlapudi wrote: Hi All, Even i am facing this same problem of logging out in my ofbiz application when moving. Your help is appreciated. Regards Hemanth From: Raj Saini [rajsa...@gmail.com] Sent: 07 November 2009 20:37 To: user@ofbiz.apache.org Subject: Re: switching between http and https without cookies possible in ofbiz? Kumaraswamy, If you disbable the cookies every URL must have a jsession id. This works fine OOTB when switching one protocol to another and jsessionid is appended to the URL. Your's is custom code or you are using OOTB? Thanks, Raj Kumaraswamy nandipati wrote: Hi All, I am not a tech savvy. Please pull me out of this problem. Problem: I am browsing with Disable Cookies option for my ofbiz site. When ever, I switch from http to https it is asking me to login. I saw that ofbiz sets JSESSIONID as a cookie in normal browsing(cookie enabled). Q1) Is this problem only in ofbiz or default from tomcat. I am questioning because ofbiz internally uses tomcat instance??. Q2) Is there any solution for switching between http and https other than cookies??? Because, I want my cookie-disabled customers to browse successfully on my site to place order??. http://www.mindtree.com/email/disclaimer.html -- Thanks, Kumaraswamy.N 91-9866805250.
Re: switching between http and https without cookies possible in ofbiz?????
Thanks Raj. I am re-writing my mail. Please ignore my previous mail. Explaining a bit more about my problem. I am trying to launch mobile version of my store(developed on ofbiz). Most of mobiles won't support cookies. So, I want to implement my storefront without cookies. As your suggestion OOTB, appending JSESSIONID with every URL is lil bit unsecure. Because, MITM attack chances will be more with this. *Is there any other solution for switching between http and https smoothly once(first time into https) logged in @ cookies disabled by customer??* * * *Is this problem in ofbiz or already in tomcat also??* * * *. * On Sun, Nov 8, 2009 at 11:54 AM, Kumaraswamy nandipati kumarasw...@ecomzera.com wrote: Thanks Raj. Explaining a bit more about my problem. I am trying to launch mobile version of my store(developed on ofbiz). Most of mobiles won't support cookies. So, I want to implement my storefront without cookies. As your suggestion OOTB, appending JSESSIONID with every URL is lil bit unsecure. Because, MITM attack chances will be more with this. *Is there any other solution for switching between http and https smoothly once(first time) logged in without using cookies*. On Sat, Nov 7, 2009 at 10:17 PM, Raj Saini rajsa...@gmail.com wrote: Hi Hemanth, Can you explain a bit more please? What do you mean when moving. Thanks, Raj Hemanth Kumar Kanamarlapudi wrote: Hi All, Even i am facing this same problem of logging out in my ofbiz application when moving. Your help is appreciated. Regards Hemanth From: Raj Saini [rajsa...@gmail.com] Sent: 07 November 2009 20:37 To: user@ofbiz.apache.org Subject: Re: switching between http and https without cookies possible in ofbiz? Kumaraswamy, If you disbable the cookies every URL must have a jsession id. This works fine OOTB when switching one protocol to another and jsessionid is appended to the URL. Your's is custom code or you are using OOTB? Thanks, Raj Kumaraswamy nandipati wrote: Hi All, I am not a tech savvy. Please pull me out of this problem. Problem: I am browsing with Disable Cookies option for my ofbiz site. When ever, I switch from http to https it is asking me to login. I saw that ofbiz sets JSESSIONID as a cookie in normal browsing(cookie enabled). Q1) Is this problem only in ofbiz or default from tomcat. I am questioning because ofbiz internally uses tomcat instance??. Q2) Is there any solution for switching between http and https other than cookies??? Because, I want my cookie-disabled customers to browse successfully on my site to place order??. http://www.mindtree.com/email/disclaimer.html -- Thanks, Kumaraswamy.N 91-9866805250. -- Thanks, Kumaraswamy.N 91-9866805250.
