Hi, I am quite new to Tapestry, but last month I am upgrading our app from Tapestry 5.0.14 to 5.3.8. It's working now with one problem. We use Tomcat 7, servlet 3.0 (in the future Tomcat 8 and servlet 3.1) and Java 7. Tomcat listens on http (8080) and https(8443). If I use https, everything is OK. If I use http, I enter login page off app and SessionState object is created. I can see Session ID (equals X). It's done by contributeApplicationStateManager function in Module. Another contribute is for URL (contributeServiceOverride) where we use only https connection. That's because we want all ajax requests to go over https even if user is on http. So if user log in, session and cookie is created with atribute httpOnly and if I send ajax request to https, another session is created by Tapestry. Is it possible to access the http session in https request?
I can provide sample codes. Thanks for your help!
