session getting changed while switching between HTTPS and HT

deepakgupta_721 Aug 11, 2008 7:15 AM

Hi,

I have Apache 2.2.9 with SSL and JBOSS 4.0.5, JDK 1.6, Struts 1.2 application. JSESSIONID is maintained by Cookie. Problem is My whole site is running on HTTP but one shibboleth login is on HTTPS. What happening is when I switch from HTTP to HTTPS and then in struts action i redirect the user back to HTTP, user Session ID get changed. Its happening with IE mozilla both. Pleas Help

Thanks and Regards,
Deepak.

1. Re: session getting changed while switching between HTTPS an

erasmomarciano Aug 11, 2008 8:07 AM (in response to deepakgupta_721)

Hi
Try to pass the SessionID created on HTTP side to the HTTPS side by url parameter.

Something like:
Location: https://yoursite/?JSESSIONID=hyhgatgedrafgtegshtgefarfgtrfajkloiu7uhygtfr4

HTH
Actions
2. Re: session getting changed while switching between HTTPS an

deepakgupta_721 Aug 12, 2008 12:21 AM (in response to deepakgupta_721)

Hi,

Thanks for the reply but its not working one of the reason might be Session id are getting maintained by JSESSIONID Cookie instead of URL re-writing. Dow apache has any role to play in this. In development environment i have apache in front of one JBOSS but in production apache will act as a load balancer. Please help.

Thanks and Regards
Deepak
Actions
3. Re: session getting changed while switching between HTTPS an

jinson Mar 17, 2009 11:39 AM (in response to deepakgupta_721)

If you had resolved this issue, could you please update how you fixed it. I am also facing the same issue.

Thanks in Advance
Actions

Go to original post