Why do you need to mix in one session http
and https?
Browsers do not support it. For example IE
gives nasty popup warning every time you mix plain and ssl html in one page.
So why bother? Make ALL user sessions SSL,
and leave plain http only for public part of web site.
From:
tbnl-devel-bounces@common-lisp.net [mailto:tbnl-devel-bounces@common-lisp.net] On Behalf Of Andrea Chiumenti
Sent: Friday, January 04, 2008
11:48 AM
To:
Subject: Re: [hunchentoot-devel]
session shearing question
Thanks, yes you
understood me correctly.
On Jan 4, 2008 8:43 PM, Sohail Somani <sohail@taggedtype.net> wrote:
On Fri, 04 Jan 2008 20:38:31 +0100, Andrea Chiumenti wrote:
> Now that I've been able to start hunchentoot in ssl mode, if I start
> another hunchentoot instance handling normal http requests, does
> hunchentoot shares user session between the two instances,if not is
> there a possibility to do it?
> Now that I've been able to start hunchentoot in ssl mode,
if I start
> another hunchentoot instance handling normal http requests, does
> hunchentoot shares user session between the two instances,if not is
> there a possibility to do it? <br>
If I understand you correctly, I think the only way to do this is to keep
user sessions in an out-of-process server like a database.
--
Sohail Somani
http://uint32t.blogspot.com
_______________________________________________
tbnl-devel site list
tbnl-devel@common-lisp.net
http://common-lisp.net/mailman/listinfo/tbnl-devel