Hello,
I have a page that uses https and when i do a redirect from the bean that uses that https page to some http page. Then my session id changes. How can i stop this from happening? Please help me. Thanks in advance :)
views:
263answers:
2
A:
Hey,
Do you mean you are redirecting to different HTTP domain URL? then its a diff. application you are calling. That will change the sessionId.
Are you calling same applciation URL for some other page with http protocol?
--- EDIT ---
Check this url, it shows same problem using PHP. You may get the solution. It says,
When you switch between the HTTP and HTTPS services on the same server, your HTTP session ID is not being passed to the HTTPS session.
http://stackoverflow.com/questions/441496/session-lost-when-switching-from-http-to-https-in-php
hope this helps.
thanks.
Paarth
2010-05-27 04:57:00
This url shows, that it uses https for first login and the sessionid keeps the same. may be his problem is different, but can be of interest.http://old.nabble.com/how-to-use-different-session-id-from-http-to-https-td15394823.htmlthank.
Paarth
2010-05-27 04:59:46
Hi Paarth, i am using Java not Php. Let me explain you what i am trying to do. I have a page Login.xhtml which is secured (https). I have a login button on it. On click of the button i programmtically redirect to another servlet which is http based. On that servlet i check the roles whether he is admin or some other and based on it i am redirecting the user to http based url. But as soon i redirect to the http based servlet, my session id changes. :(
Ankit Rathod
2010-05-27 05:07:46
hey,Thats why i added the link showing same problem in PHP. Thing is, you need to take care that same session is maintained. Please check that page and try to get it using cookies to maintain your session.thanks.
Paarth
2010-05-27 05:14:47
+3
A:
The cookie is not kept, so you must pass the jsessionid in the URL:
response.sendRedirect("http://myserver/path;jsessionid=" + request.getSession().getId());
Maurice Perry
2010-05-27 05:46:49