When I am using HTTP protocol, there is no issue with sessions. But when I am using HTTPS protocol, I am facing problem in JSP. When it is moving from one tab to another tab, session is automatically getting expired. How can I resolve this issue?
A:
Basically, there's no difference in JSESSIONID management whether TLS/SSL is enabled or not. Most app-servers use cookie and/or URL-rewriting for JSESSION management.
The major different I know is that, when you use “secure cookie,” JSESSIONID can be managed using both cookie and URL in HTTPS, but only with URL in HTTP. So, if the transition is across HTTPS and HTTP, the problem as you say might be happen.
habe
2009-11-26 15:11:27