We have a requirement to use a different URL for SSL and non-SSL sections of our website. The problem we run into is that Tomcat recognizes this as a new request and creates a new session ... which is correct according to the spec but does not help us.
Anyone know how to config Tomcat/JBoss ... extend the Tomcat ManagerBase correctly or perhaps do something in a filter?
Some suggestions or comments would be very helpful.
I should of clarified that the SSL domain is a subdomain (secure.mydomain.com) of the non-SSL (www.mydomain.com) domain.