Hello, Noone seems to be able to answer this question (posted by other people) on the user's list, so I'm hoping eomeone on the dev list will be able to.
I am running Apache 1.3.20 (w/ open ssl), JDK 1.3, J2EE1.2.1 and Tomcat 3.2.3. Session management works great with cookies, both across HTTP and HTTPS. However, as soon as I turn cookies off, and use URL rewriting instead... URL rewriting ceases to work for HTTPS links (but still works fine on HTTP links) when I view the page under HTTP. Also, NOTHING is URL rewritten when the request was under HTTPS. I created a test page that displays request.getRequestedSessionId(), request.isRequestedSessionIdFromURL() and request.isRequestedSessionIdValid(). After clicking on a link on this test page that is a URL encoded link back to itself, I have an appended ;jsessionid on my HTTP request. All URL encoded HTTP links ARE URL encoded with the same session id, BUT none of the same (but in HTTPS) links are. getRequestedSessionId() shows the correct session id, isRequestedSessionIdFromURL() shows True, and isRequestedSessionIdValid() is True. Now, when I manually change the URL (WITH appended session ID) to HTTPS, NONE of the links are URL Encoded (http OR https). However, getRequestedSessionId() STILL shows the correct session id, isRequestedSessionIdFromURL() STILL shows True, and isRequestedSessionIdValid() STILL is True. So I seem to be having two problems. #1) REGARDLESS of protocol, HTTPS links are NEVER URL Encoded. #2) Though HTTP links ARE URL Encoded when my request is in HTTP, they ARE NOT URL Encoded when my request is in HTTPS. Can someone shed some light on what is going on here? I know (because of displaying getRequestedSessionId(), isRequestedSessionIdFromURL() and isRequestedSessionIDValid()) that my JSP page is getting all of the session information back, but it seems as if Tomcat doesn't know how to URL Encode properly for HTTPS links OR HTTPS requests. Thanks in advance!! Raiden Johnson p.s. I just upgraded to Tomcat 3.2.3, because I was having the same problem in 3.2.2
