Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

HTTP and HTTPS  RSS feed

 
vikas singh
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i am making an application in which the login page wud under HTTP protocol and after submiting it , the next upcomming pages would be in HTTPS protocol.
Here in the login page create a session for a particular user which is in HTTP and now i want to carry the same session to HTTPS for rest of the application.

kindly somebody help me in this issue .Please tell me how to maintain a session b/w HTTP and HTTPS.
 
Rahul Bhattacharjee
Ranch Hand
Posts: 2308
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You have to configure this in web.xml as which resources are to be served in secure mode and which are not to be served securely.
 
Ulf Dittmer
Rancher
Posts: 42972
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
To the session it makes no difference whether a user comes in through HTTP or HTTPS. Any session you create in an HTTP request will be available to an HTTPs requests as well - there is nothing that can (or needs to) be configured.
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Ulf Dittmer:
To the session it makes no difference whether a user comes in through HTTP or HTTPS. Any session you create in an HTTP request will be available to an HTTPs requests as well - there is nothing that can (or needs to) be configured.


That's not necessarily true.
Tomcat, for instance creates a separate session for the HTTPS protocol.
 
vikas singh
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
if i m creating a session on the very first page which works in http protocol thn that session is not accessable from the 2nd page which is working on https. I am setSession() to set the session on the first page and get session for to retrieve the session f ron the 2nd page...
Please help me
 
Rahul Bhattacharjee
Ranch Hand
Posts: 2308
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can use the following for accessing the sessionID for HTTPS , but I am not sure as how to get the actual session object.

Below I have taken from here.

To access the SSL session ID from the request, use:
String sslID = (String)request.getAttribute("javax.servlet.request.ssl_session");
 
vikas singh
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
sessionID is also getting null
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!