Thanks for the suggestion Wade but I really did what you are saying and headers reach the server correctly.
Michael >-----Original Message----- >From: Wade Chandler [mailto:[EMAIL PROTECTED] >Sent: 17 February 2006 05:16 >To: Tomcat Users List >Subject: RE: Session Expires At Every Request (Tomcat5.0.28/Firefox) > >> > Monitoring the HTTP headers for both IE and >> Firefox using >> > HttpAnalyzer for >> > IE and LiveHttpHeaders for Firefox gives the >> following: >> > 1) IE >> > >> > (Request-Line):GET http://www.tophotelchoices.com/ >> HTTP/1.1 >> > Accept:*/* >> > Accept-Language:en-gb >> > Accept-Encoding:gzip, deflate >> > User-Agent:Mozilla/4.0 (compatible; MSIE 6.0; >> Windows NT 5.1; >> > SV1; .NET CLR >> > 1.1.4322; InfoPath.1) >> > Host:www.tophotelchoices.com >> > Proxy-Connection:Keep-Alive >> > Pragma:no-cache >> > Cookie:JSESSIONID=6F187E9E698F5D81A09DF6AD0D25115D >> > >> > (Status-Line):HTTP/1.0 200 OK >> > Date:Thu, 16 Feb 2006 22:09:18 GMT >> > Server:Apache/1.3.33 (Unix) mod_jk/1.2.15 Cache-Control:no-cache >> > Pragma:no-cache Expires:Wed, 31 Dec 1969 23:59:59 GMT >> > Content-Type:text/html;charset=UTF-8 >> > X-Cache:MISS from proxy01.spidernet.net X-Cache-Lookup:MISS from >> > proxy01.spidernet.net:83 Proxy-Connection:close >> > >> > 2) FIREFOX: >> > GET http://www.tophotelchoices.com/index.jsp >> HTTP/1.1 >> > Host: www.tophotelchoices.com >> > User-Agent: Mozilla/5.0 (Windows; U; Windows NT >> 5.1; en-GB; rv:1.7.12) >> > Gecko/20050919 Firefox/1.0.7 >> > Accept: >> > >> >text/xml,application/xml,application/xhtml+xml,text/html;q=0.9 >> ,text/plain;q= >> > 0.8,image/png,*/*;q=0.5 >> > Accept-Language: en-gb,en;q=0.5 >> > Accept-Encoding: gzip,deflate >> > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 >> > Keep-Alive: 300 >> > Proxy-Connection: keep-alive >> > Referer: >> http://www.tophotelchoices.com/timeout.jsp >> > Cookie: >> JSESSIONID=3849A82D2F9B6991FE41073D771D1358 >> > Cache-Control: max-age=0 >> > >> > HTTP/1.x 200 OK >> > Date: Thu, 16 Feb 2006 22:12:27 GMT >> > Server: Apache/1.3.33 (Unix) mod_jk/1.2.15 >> > Cache-Control: no-cache >> > Pragma: no-cache >> > Expires: Wed, 31 Dec 1969 23:59:59 GMT >> > Content-Type: text/html;charset=UTF-8 >> > X-Cache: MISS from proxy01.spidernet.net >> > X-Cache-Lookup: MISS from proxy01.spidernet.net:83 >> > Proxy-Connection: close >> > >> > Obviously, the response is the same in both cases, >> however, >> > for FireFox the >> > important difference I see in Request is the one >> saying Cache-control: >> > max-age=0 and also, the Keep-Alive value 300. I do >> not think >> > the Keep-Alive >> > value is the problem, however, the Cache-Control: >> max-age=0 >> > is suspicious. >> > In my code I have >> > response.setHeader("Cache-Control","no-cache") but >> I think >> > this is different. Does anyone have a clue what >> the >> > max-age:0 is doing? >> > >> > Your help will be greatly appreciated. >> > >> > >> > Thanks and regards, >> > Michael >> > >> > >-----Original Message----- >> > >From: Filip Hanik - Dev Lists >> [mailto:[EMAIL PROTECTED] >> > >Sent: 15 February 2006 22:16 >> > >To: Tomcat Users List >> > >Subject: Re: Session Expires At Every Request >> (Tomcat5.0.28/Firefox) >> > > >> > >George Sexton wrote: >> > >> Does the code transparently create a new >> JSessionID value then? >> > > >> > >George, >> > >you might wanna rethink your comments, they don't >> shine any >> > >light on the issue and they for sure don't state >> any facts, >> > >let me prove you I am right. Below is the headers >> I tracked >> > >with LiveHttpHeaders, as you can see, JSESSIONID >> remains >> > >exactly the same in the browser request when the >> switch from >> > >HTTP to HTTPS happens. >> > >This is Firefox on Fedora 4. The site works fine. >> > > >> > >This must be a browser issue, can you tell us a >> little bit >> > >more about what version and platform your browser >> is on. >> > > >> > >1. Request to the home - non secure >> > >> >>============================================================ >> > >http://www.tophotelchoices.com/ >> > >GET / HTTP/1.1 >> > >Host: www.tophotelchoices.com >> > >User-Agent: Mozilla/5.0 (X11; U; Linux i686; >> en-US; rv:1.8.0.1) >> > >Gecko/20060124 Firefox/1.5.0.1 >> > >Accept: >> > >> >>text/xml,application/xml,application/xhtml+xml,text/html;q=0.9, >> > text/plain;q=0.8,image/png,*/*;q=0.5 >> > >Accept-Language: en-us,en;q=0.5 >> > >Accept-Encoding: gzip,deflate >> > >Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 >> > >Keep-Alive: 300 >> > >Connection: keep-alive >> > >Referer: http://www.tophotelchoices.com/ >> > > >> > >HTTP/1.x 200 OK >> > >Date: Wed, 15 Feb 2006 20:08:55 GMT >> > >Server: Apache/1.3.33 (Unix) mod_jk/1.2.15 >> > >Set-Cookie: >> JSESSIONID=735009FD40D725EDAA14389409CD60FF; Path=/ >> > >Cache-Control: no-cache >> > >Pragma: no-cache >> > >Expires: Wed, 31 Dec 1969 23:59:59 GMT >> > >Keep-Alive: timeout=5, max=20 >> > >Connection: Keep-Alive >> > >Transfer-Encoding: chunked >> > >Content-Type: text/html;charset=UTF-8 >> > > >> > >2. Click on the request button - switch from HTTP >> to HTTPS >> > >> >>https://www.tophotelchoices.com/bookingServlet1?hotel=ASI >> > >GET /bookingServlet1?hotel=ASI HTTP/1.1 >> > >Host: www.tophotelchoices.com:443 >> > >User-Agent: Mozilla/5.0 (X11; U; Linux i686; >> en-US; rv:1.8.0.1) >> > >Gecko/20060124 Firefox/1.5.0.1 >> > >Accept: >> > >> >>text/xml,application/xml,application/xhtml+xml,text/html;q=0.9, >> > text/plain;q=0.8,image/png,*/*;q=0.5 >> > >Accept-Language: en-us,en;q=0.5 >> > >Accept-Encoding: gzip,deflate >> > >Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 >> > >Keep-Alive: 300 >> > >Connection: keep-alive >> > >Referer: >> http://www.tophotelchoices.com/searchResults.jsp >> > >Cookie: >> JSESSIONID=735009FD40D725EDAA14389409CD60FF >> > > >> > >HTTP/1.x 200 OK >> > >Date: Wed, 15 Feb 2006 20:11:54 GMT >> > >Server: Apache/1.3.33 (Unix) mod_jk/1.2.15 >> > >Cache-Control: no-cache >> > >Pragma: no-cache >> > >Expires: Wed, 31 Dec 1969 23:59:59 GMT >> > >Keep-Alive: timeout=5, max=20 >> > >Connection: Keep-Alive >> > >Transfer-Encoding: chunked >> > >Content-Type: text/html;charset=UTF-8 >Maybe output your headers from the server side. See if >something is going on with your particular firefox instance >like some headers getting grouped by not delimiting correctly >or something (maybe \n instead of \r\n)...see what cookies you >get too....output everything you can think of from your >request to the JSP. If you already have then disregard. > >Wade > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]