Leon,

On 11/16/11 5:06 PM, Leon Rosenberg wrote:
> User logs in on http://www.site.fr, a new session is created. User
> uses the site, attributes are written and read... User clicks a
> special link and is redirected to https://secure.site.com -
> secure.site.com (same webapp, different servers) loads the session 
> previously initialized on www.site.fr and associates it locally.

How does this work? Or, were you asking if Tomcat can make this work
(easily) for you?

> User uses secure.site.com, modifies attributes etc. After user is
> finished he jumps (on click or by simply entering the url) back to
> www.site.fr, the local session contains all the changes from
> secure.site.com.

If you are using cookies to track your session, then this will not
work because the browser isn't going to send the session id when the
domain changes. If you could always be on *.site.fr (like from
www.site.fr to secure.site.fr) then it would work if you set your
cookie domain to site.fr. But that is a per-context setting which
means you'd need a separate context for each domain you wanted to
support. Yuck.

If you use URL rewriting for session tracking, then this might work:
cluster all the sites together and make sure that the jsessionid
parameter is added to any URL you create that crosses the domain
border. All copies of the webapp should replicate session info amongst
themselves in both directions (www <-> secure).

Unfortunately, you may have a shitstorm of session chatter.
Presumably, you'll have a number of domain-specific servers and a
single secure one (or clustering all around, which actually makes the
chatter problem worse). That means that if you have 100 sessions on
each of 10 CCTLD servers then you'll have 10000 sessions on the secure
server. If that's okay, then go for it.

-chris
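
The cookie scoping described in the message above, as an added example that is not part of the original thread: a simplified RFC 6265 domain-match in JavaScript, applied to the hosts named in the thread. The function names and the session value are constructed for illustration; public-suffix, Path and Secure handling are left out.

```javascript
// Added illustration, not code from the thread or from Tomcat.
// RFC 6265 section 5.1.3: does requestHost domain-match cookieDomain?
function domainMatch(requestHost, cookieDomain) {
  const host = requestHost.toLowerCase();
  const dom = cookieDomain.toLowerCase();
  if (host === dom) return true;
  // IP addresses only ever match exactly, never by suffix.
  const isIp = /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.includes(":");
  return !isIp && host.endsWith("." + dom);
}

// Model what a browser stores when originHost sends Set-Cookie.
// domainAttr undefined => host-only cookie (no Domain attribute was sent).
function storeCookie(originHost, name, value, domainAttr) {
  if (domainAttr === undefined) {
    return { name, value, domain: originHost.toLowerCase(), hostOnly: true };
  }
  const dom = domainAttr.replace(/^\./, "").toLowerCase();
  // A server may only set a cookie for a domain it belongs to itself.
  if (!domainMatch(originHost, dom)) return null; // browser rejects it
  return { name, value, domain: dom, hostOnly: false };
}

// Would the browser attach this stored cookie to a request for requestHost?
function wouldSend(cookie, requestHost) {
  if (cookie === null) return false;
  return cookie.hostOnly
    ? requestHost.toLowerCase() === cookie.domain
    : domainMatch(requestHost, cookie.domain);
}

// The hosts from the thread; the session id value is a constructed placeholder.
function sessionCookieReach() {
  const id = "CONSTRUCTED-SESSION-ID";
  const hostOnly = storeCookie("www.site.fr", "JSESSIONID", id);
  const shared = storeCookie("www.site.fr", "JSESSIONID", id, "site.fr");
  const crossSite = storeCookie("www.site.fr", "JSESSIONID", id, "site.com");
  return {
    hostOnlyToSecureCom: wouldSend(hostOnly, "secure.site.com"),
    hostOnlyToSecureFr: wouldSend(hostOnly, "secure.site.fr"),
    sharedToSecureFr: wouldSend(shared, "secure.site.fr"),
    sharedToSecureCom: wouldSend(shared, "secure.site.com"),
    crossSiteAccepted: crossSite !== null,
  };
}

console.log(sessionCookieReach());
```
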
