Here in the login page create a session for a particular user which is in HTTP and now i want to carry the same session to HTTPS for rest of the application.
kindly somebody help me in this issue .Please tell me how to maintain a session b/w HTTP and HTTPS.
Originally posted by Ulf Dittmer:
To the session it makes no difference whether a user comes in through HTTP or HTTPS. Any session you create in an HTTP request will be available to an HTTPs requests as well - there is nothing that can (or needs to) be configured.
That's not necessarily true.
Tomcat, for instance creates a separate session for the HTTPS protocol.
Please help me
Below I have taken from here.
To access the SSL session ID from the request, use:
String sslID = (String)request.getAttribute("javax.servlet.request.ssl_session");