开发者

difference between using http and https in session management of jsp

When I am using HTTP开发者_运维知识库 protocol, there is no issue with sessions. But when I am using HTTPS protocol, I am facing problem in JSP. When it is moving from one tab to another tab, session is automatically getting expired. How can I resolve this issue?


Basically, there's no difference in JSESSIONID management whether TLS/SSL is enabled or not. Most app-servers use cookie and/or URL-rewriting for JSESSION management.

The major different I know is that, when you use “secure cookie,” JSESSIONID can be managed using both cookie and URL in HTTPS, but only with URL in HTTP. So, if the transition is across HTTPS and HTTP, the problem as you say might be happen.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜