Thanks Maurice. I'll need to look into this. > The one difficulty I have NOT seen is losing the session ID. > I do get session ID persistence where it is permitted (across http page > transitions, across https page transitions, and across http->https page > transition) > > Maurice Yarrow
The loss of session is due to a combination of things, namely the fact that I'm using mod_rewrite in order to add to and remove elements from the url and the way that Tomcat binds sessions to a given context. I wanted to filter out the app path information, so in www.abcdomain.com/abc I don't want the user to see the last /abc portion of the url - however Tomcat needs that to bind to the correct application context. I was adding it before the request was sent to Tomcat using mod_rewrite and then removing it on the way back using mod_proxy, however I was losing the session every time. Then I found this thread from this listserv from Feb of this year: http://mail-archives.apache.org/mod_mbox/tomcat-users/200602.mbox/%3C00b301c [EMAIL PROTECTED] It seems others ran into the same issue I did. The work around is setting the attribute emptySessionPath="true" in the <Connector /> element in server.xml. By doing this, the session is no longer tied to the current context based on the url (which I was losing on my rewrites) but instead it seems to be bound to the current default context (that last statement is actually incorrect and oversimplified, but explanation enough for me for now). Because of the way I am using virtual hosts, this works for me. I'm sure this will be a tremendous pain months from now if I need to make changes, but seeing as I have a tight deadline, I'll use this work around for now and hope for the best later. Thanks for all the help everyone! - Darren --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
