Philip,
I did try using url re-writing using jsessionid'd & that is why I
wrote this mail. TOmcat seems to use jsessionid in cookies first & if not
there only then take jsessionid from url. This is my guess coz that is what
is happening.
Does anyone have any idea how to force using jsessionid in such situations
to make user jump between two domains(though they are in reality same
machine & same tomcat) without his knowlege.
-Jiger
>From: Phillip Morelock <[EMAIL PROTECTED]>
>Reply-To: "Tomcat Users List" <[EMAIL PROTECTED]>
>To: Tomcat Users List <[EMAIL PROTECTED]>
>Subject: Re: Tomcat refusing jsessionid's
>Date: Sat, 25 May 2002 09:14:27 -0700
>MIME-Version: 1.0
>Received: from [192.18.49.131] by hotmail.com (3.2) with ESMTP id
>MHotMailBEB9037700594004310EC0123183C6C00; Sat, 25 May 2002 09:14:47 -0700
>Received: (qmail 2532 invoked by uid 97); 25 May 2002 16:14:29 -0000
>Received: (qmail 2516 invoked by uid 98); 25 May 2002 16:14:29 -0000
>From tomcat-user-return-20632-jigerjava Sat, 25 May 2002 09:16:15 -0700
>Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
>Precedence: bulk
>List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
>List-Subscribe: <mailto:[EMAIL PROTECTED]>
>List-Help: <mailto:[EMAIL PROTECTED]>
>List-Post: <mailto:[EMAIL PROTECTED]>
>List-Id: "Tomcat Users List" <tomcat-user.jakarta.apache.org>
>Delivered-To: mailing list [EMAIL PROTECTED]
>X-Antivirus: nagoya (v4198 created Apr 24 2002)
>User-Agent: Microsoft-Entourage/10.0.0.1309
>Message-ID: <[EMAIL PROTECTED]>
>In-Reply-To: <[EMAIL PROTECTED]>
>X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
>
>HTTP sessions....browsers are configured to associate cookies with domain
>names. They will not transmit a cookie to a domain other than the
>originating domain (at least they shouldn't). It has nothing to do with IP
>address, only domain name. I am not sure I understand your question, but
>if
>I am reading it correctly, the only thing you can do is some manual
>persistence scheme, such as using a database and url rewriting or some
>similar scheme.
>
>does this help?
>
>fillup
>
>
>On 5/25/02 3:43 AM, "Jiger Java" <[EMAIL PROTECTED]> wrote:
>
> > Hi,
> > I have checked the archives already but did not come across similar
> > problems so I would like to ask it.
> >
> > My Platform:
> > Tomcat 4.0.
> > JDK 1.4
> > RHT Linux
> >
> > We have this application hosted on an generic server say
> > http://www.server.com now our reseller's can map their DNS such that
> > www.reseller.com points to www.server.com this will be dynamic( since
> > reseller's will be doing it themselves) so I can't use "virtual host"
> > feature of tomcat. The idea is that customer of that reseller should not
> > come to know that they are actually buying stuff from us & so the
>customer
> > *always* sees the reseller's website url in his browser. All pages post
>to
> > http://www.reseller.com/customer/xyz , which would post to us due to DNS
> > mapping. So far so good. But in many critical places like Login,
>customer
> > signup, we have hardcoded url's to our https:// server (same machine
>same
> > tomcat) becoz reseller need not buy Secure Certificates.
> > This is the problem. Inspite of my adding jsessionid to all such
> > pages right from posting to https:// to <META> refreshes, I still can't
>seem
> > to get back the session. Logically, if I pass in the right sessionid,
>tomcat
> > should pick up the correct session but it is still picking up pre-login
> > session & refusing the new sessionid got in the Authenticationservlet.
> >
> > I attach the jsessionid something like this
> >
>http://www.reseller.com:10001/anacreon/servlet/CustomerIndexServlet?jsessionid
> > =A4A0314540585318A4F5E327F1457375
> >
> > Does anyone have any idea how to solve it. Please ask me if you
>need
> > more clarifications. I need to get this thing out.
> >
> > Thanks & Awaiting your replies,
> > Jiger
> >
> >
> >
> > _________________________________________________________________
> > MSN Photos is the easiest way to share and print your photos:
> > http://photos.msn.com/support/worldwide.aspx
> >
> >
> > --
> > To unsubscribe, e-mail:
><mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail:
><mailto:[EMAIL PROTECTED]>
> >
>
>
>--
>To unsubscribe, e-mail:
><mailto:[EMAIL PROTECTED]>
>For additional commands, e-mail:
><mailto:[EMAIL PROTECTED]>
>
_________________________________________________________________
Send and receive Hotmail on your mobile device: http://mobile.msn.com
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
