Daniel Blumenthal wrote:
> I'm having a very strange problem with sessionIDs getting dropped.
__Dropped__?!
> 1) The user creates an account on the Register page, and a verification
> email is sent to the user. (sessionID 1) So far, so good.
>
> 2) The user clicks on the link in the email, and gets sent back to a custom
> ActivateUserAction that activates the user, then loads the user data into
> the session (there's a log entry that indicates that this has happened
> correctly). ActivateUserAction then forwards to the CreditCard screen
> (sessionID 2)
>
> 3) The user enters information, and then goes to the CreditCardVerify screen
> (sessionID 3)
>
> 4) There's finally an error, and the user is sent to the Home page
> (sessionID 4)
>
> It makes sense that going from step 1 to step 2 is going to yield a new
> sessionID, because a new window is being opened.
Not really (makes sense, I mean).
<plug-in className="org.apache.struts.action.SecurePlugIn">
<set-property property="httpPort" value="8080"/>
<set-property property="httpsPort" value="8443"/>
<set-property property="enable" value="true"/>
<set-property property="addSession" value="false"/>
</plug-in>
> Could this be due to it being SSL? Does this ring any kind of bells?
>
SSL will (I think by default?) create a new session; you have to
explicitly tell it to share session with non-SSL.
At least I think that's more or less true.
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
