> From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] > Subject: RE: How to install the session cookie into the > original request ofthe secure area? > > You need to invest* in a copy of Wireshark so you can see the > differences in the requests that a browser sends vs the ones > your client code makes.
When I look at a packet trace of an access to a secured resource, I see the following: <-- GET for secured resource --> 200 with JSESSIONID cookie and login page <-- POST with jsessionid parameter, JSESSIONID cookie, and credentials --> 302 with original request <-- GET for secured resource with JSESSIONID cookie I suspect your client code is not including the JSESSIONID cookie on the GET after the 302. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
