Hi! The user _is_ on the correct domain. The problem is, that the browser does not recognize, that "test.mydomain.com" and "mydomain.com" are different. BTW: Mozilla doesn't have this bug...
On Mon, 13 Jan 2003 08:54:54 -0500, Tim Funk wrote: >[ > This is more suited for tomcat-user > Please post followups to: [EMAIL PROTECTED] >] >This is not isolated to IE6 but all browsers. If you are using apache - >add the appropriate redirects to your httpd config to force the user to >the correct domain. >-Tim >Michael Wyraz wrote: >> Hi! >> >> I found a strange bug in internet explorer cookie handling that could possibile >> workarounded in tomcat: >> >> I have 2 different webapps on 2 different domains (a domain and a subdomain of this >domain), e.g.: >> mydomain.com >> test.mydomain.com >> >> When I enter the first domain, a session cookie for this domain is set. >> The session then works fine for this domain. >> Then I view a page from the second domain. IE returns the cookie >> that was set in the first domain. Tomcat does'nt know that session id >> in the second context and sets a new cookie. >> Now the strange thing: The new Cookie is never returned from ie. So the >> new Session in the second domain is not valid and after each click a >> new SessionID is generated (i think IE always returns the cookie set in the first >domain). >> >> A possible solution: >> If the name of the session cookie would be configurable (per host or per webapp), >> the hostname could added to that cookie. This would fix this issue on IE. >> >> Michael. >> >> >-- >To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> >For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
