-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greg,
Greg Burrow wrote: > I have two web applications in different context, one servlet will forward > the request to a servlet in the other application using encodeRedirectURL > and sendRedirect. NB that's a redirect, not a forward. > The receiving servlet creates a new session and session > attributes are lost. Are the two servlets in the same web application? > GET /App1/RedirectServlet HTTP/1.1 [snip] > GET /App2/LaunchServlet HTTP/1.1 Nope, they aren't. You didn't provide path details on the cookies in question. I suspect the first is tied to /App1 and the second to /App2. You need to use single-sign-in if you want sessions to be available across webapps. > The same behavior occurs in Firefox and IE. Cookies are enabled in both > browsers and crossContext="true" in context.xml. Is this a bug in Tomcat or > a problem with my method of redirect? Neither. It's a misunderstanding of the separation of sessions between webapps. Tomcat supports single-sign-in (SSI) which you can read about here: http://tomcat.apache.org/tomcat-5.5-doc/config/valve.html#Single%20Sign%20On%20Valve - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkl6BToACgkQ9CaO5/Lv0PAO+ACZAYPf2r+6NWsMMSo9c0RzYGld XXQAoK4g9Pea/Ajysg5D7AYdfUSTB4Rk =SrHN -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
