We use tomcat forms authentication and it is cookies being used.
There are 3 cookies, JSESSONIDSSO, test and JSESSONID.
Not sure how you tell if its marked secure? The test cookie is for testing
to assure cookies are enabled.
Thanks for your help!
Rainer Jung-3 wrote:
>
> krusek wrote:
>> I have Apache 2 with SSL, mod_jk connection, and Tomcat. Everything has
>> worked peachy from one tomcat upgrade after another. However now I
>> upgraded
>> to tomcat 6 and I am loosing the session when switching from https to
>> http
>> within the same domain.
>>
>> For clarity, Apache 2 is handling SSL not tomcat.
>>
>> Does anyone know why this is happening?
>
> Are you using cookies for the sessions (JSESSIONID cookie) or URL
> encoding (";jsessionid=")?
>
> Is some cookie flagged as being "secure"?
> You can check how the cookie looks like e.g. using Firefox (Preferences
> - Privacy - Cookies).
>
>> Thanks!
>>
>> Kevin
>
> Regards,
>
> Rainer
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
View this message in context:
http://www.nabble.com/Session-lost-when-switching-from-https-to-http-after-upgrade-to-Tomcat-6-tp17658157p17699292.html
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
