How do I share sessions between two server instances, one secure (HTTPS) and one normal (HTTP)?
Created May 4, 2012
service(HttpServletRequest req, HttpServletResponse res)
method. Since this method takes an HttpServletRequest
object as a parameter, you can always call getSession()
to access the HttpSession
.
As far as having two servlets - one for HTTP and one for HTTPS - these should behave basically the same. All of the HTTPS encryption/decryption is hidden from the servlet. Unless your HTTPS servlet needs to have some code to ensure it is processing a request whose protocol is HTTPS, these two servlets should be pretty much the same.
See also Can I move between http and https-based resources while sharing the same session? in the JSP FAQ.
[If the two servers are actually distinct, then you'd have to find some way of tunneling the data across. Hidden fields are probably your best bet, although that may not suit your security policy. -Alex]