Re: [jetty-discuss] Differences in Tomcat and Jetty in session id tracking

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Y wrote:
> Hi Greg,
> 
> I'm using Jetty 4.2.6.
> 
> For further information on my web application, all HTTP requests are
> rewriten to HTTPS request to a particular URL.

Yborov,

Whooooaa!   I'm sorry but 4.2.6 is just a little too ancient for me 
to help you very much (without a support contract).

As I said, it is probably something to do with the Secure cookie 
setting.   If you can see the headers (use debug or live headers
on firefox) you will be able to see if the Secure param is included
in the set-cookie header or not.

Note, that if you really want to share session ID between HTTP and
 HTTPS, you can always manually add the session ID to the URLs that 
you rewrite.

cheers

-- 
Greg Wilkins<gr...@we...>  US: +1  3104915462   IT: +39 3349267680
http://www.webtide.com           UK: +44(0)2079932589 AU: +61(0)417786631