Hello, I wanted to verify if I am understanding this right.
The website has certain sections of it using HTTPS (secure) and certain sections use only HTTP (unsecure). 1. A new session resulting from a call to request.getSession(true) in a secure area of a website is invalidated automatically when the session transitions from the secure to an unsecure area of the website. 2. A new session resulting from a call to request.getSession(true) in an unsecure area of a website is untouched when the session transitions from the unsecure to a secure area of the website and from the unsecure to a secure area of the website. Am I understanding 1 and 2 right? Thanks, Mufaddal. ------------------------------------------------------------------------------------------ This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. Consult your physician prior to the use of any medical supplies or product. ------------------------------------------------------------------------------------------ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]