Hi, We have a problem when accessing the application using https. What we do is, for login we direct the user from http to https URL and after authentication we direct the URL to http again.This works fine. But when we directly try to access HTTPS URL to start the login process, we have a problem. After authentication we are able to redirect to http again but there is a new http session created which is causing a problem for us. During login we put some info in the session which is lost after redirecting to http. We do not have this problem if the user uses http URL to start off with. Also we are facing this problem only with JBoss, it works fine in weblogic.