Need to maintain a session from http to https and back

Running Linux with Tomcat 5.0.28. We have jsp pages.
Most of site is non-ssl. Need to collect credit card info on ssl page.
When we switch the user to the https page, we lose session info.
How do i not lose session info, and can i keep the session info when i return him to the regular pages?
JerryNortonAsked:
Who is Participating?
 
KuldeepchaturvediConnect With a Mentor Commented:
ideally speaking, this should not be happening.
I think tomcat uses server cookies to set up sessions and unless they are not set to secure.. they will be accesible..
( and they will be set to secure only when the session was First created in SSL).
0
 
objectsCommented:
you could add the session id to the url
0
 
JerryNortonAuthor Commented:
and then what? can i assign the new session the old session id?
Can I access the values stored session.getAttribute?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.