Re: [users@httpd] apache does not preserve user session of tomcat

Mon, 21 Apr 2008 09:27:20 -0700 

or should I install ssl on apache? this way, the secure cookie will go to ssl 
channel also. Will it solve the problem?
thx


--- On Mon, 21/4/08, Krist van Besien <[EMAIL PROTECTED]> wrote:

> From: Krist van Besien <[EMAIL PROTECTED]>
> Subject: Re: [EMAIL PROTECTED] apache does not preserve user session of tomcat
> To: users@httpd.apache.org, [EMAIL PROTECTED]
> Date: Monday, 21 April, 2008, 6:55 PM
> On Mon, Apr 21, 2008 at 4:16 PM, Melanie Pfefer
> <[EMAIL PROTECTED]> wrote:
> > hi Krist,
> >
> >
> >  In LiveHTTPHeaders:
> >
> >  Set-Cookie:
> JSESSIONID=2637CA3EADF9422597DF276AE1846E55; Path=/abc;
> Secure
> >
> >  So I guess this means that the session is
> "secure". and from what you have said, the
> brwoser cannot send this cookie over http.
> 
> The browser will indeed not send this cookie back to the
> server, and
> thus the session is lost. I do not know of any solution
> other than
> configuring your webapp not to send "secure"
> cookies... But maybe
> someone else has an idea.
> 
> Krist
> 
> 
> 
> -- 
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
> Bremgarten b. Bern, Switzerland
> --
> A: It reverses the normal flow of conversation.
> Q: What's wrong with top-posting?
> A: Top-posting.
> Q: What's the biggest scourge on plain text email
> discussions?
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for
> more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>    "   from the digest:
> [EMAIL PROTECTED]
> For additional commands, e-mail:
> [EMAIL PROTECTED]


      __________________________________________________________
Sent from Yahoo! Mail.
A Smarter Email http://uk.docs.yahoo.com/nowyoucan.html

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to