On 03/12/2013 10:25, at.silk wrote: > Hi, > > I contact you to talk about an exception we receive in a Tomcat class. Few > days ago we get an error in an application integrated with Tomcat. We have > tried to get information about it but we don't find any solution, so we would > like to know if you are aware about this issue. > > First we describe our scenario: > 1. User logs in the portal and remain static for more than 30 minutes (30 > minutes is session expiration time). > 2. Afterwards, he refreshes the webpage and session has been expired. > 3. During the page reloading, an error occurs while executing the > "parseSessionSslId" method because the "SSLSupport.SESSION_ID_KEY" is empty. > 4. A blank page is displayed because the error is not caught.
How is that possible? If there is no SSL session the client should not be able to send a request to Tomcat since that would mean that the HTTPS connection had not been established. Since this code is only triggered when parsing a request from the client this error should never be observed. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org