I was wondering if anyone could offer some help.
I have a site running on GF v2 that has a secure login page (https) but
the rest of the site doesn’t have to run over https. If I’ve never
been to the site and goto the https://loginpage I see my user get
logged in, but upon redirecting to the http://mainpage the session
information is lost/intentionally removed by something (could be
glassfish) and I am redirected to login again. I can then login.
the site works great.
If I’ve never been to the site before (delete all cookies) and goto the
http://loginpage I am redirected to the https login page and I can log
in and go right to my main page … no problem.
It appears the following is happening… If I go to the site and hit an
http url first. I get a session cookie (JSESSIONID) that doesn’t
change as I go back and forth between https and http. However if
first url I hit is an https url (and I don’t have any cookies for this
site), the JSESSIONID changes when I go from https to http. I am
sure if this is how glassfish is supposed to work or if this is how
sessions and cookies work in general or what … but could anyone who’s
more experienced with this stuff offer up some guidance?
Is there something in glassfish I should tweak? something I should
be doing wrt to sessions in rails?
Any help would be appreciated
To unsubscribe from this list, please visit: