1 Reply Latest reply on Aug 23, 2016 6:49 PM by Tomaz Cerar

    Is it possible to use two sessions for (http + https) per session by using different cookie path

    Packiaraj Sakkanan Newbie

      Hello,

       

      We use wildfly 8.2 and most of the pages are served over HTTPS. JsessionID is marked as secure. Due to nature of the application few pages are served over HTTP. Since the JSESSIONID is marked as secure, HTTP requests will not have access to JSESSIONID cookie and wildfly creates new session ID which overwrites HTTPS JSESSIONID.

      Is this possible to use different  PATH values in JSESSIONID cookie to differentiate between HTTPS & HTTP request, so that both session lives.

       

      for instance

      JSESSIONID=JPHxsxKKkIfVI_MYk6Idm-tK.abcdefg; path=/server/main; HttpOnly; Secure;

      JSESSIONID=qwersdfwerwerwerwerwe-tK.abcdefg; path=/server/main/specificPage; HttpOnly;

       

      Thanks in advance.