[英]Spring boot tomcat httpsession is not same when support both http & https
I have HttpSession problem when using Embedded tomcat with Spring boot. 使用嵌入式tomcat和Spring启动时遇到HttpSession问题。 The scenario is as below: I start tomcat with spring boot, support both http & https.
方案如下:我使用spring boot启动tomcat,同时支持http和https。 my application using spring security saml to support SAML logon.
我的应用程序使用spring security saml来支持SAML登录。 During debug I found that saml/login & saml/sso can't get same http session.
在调试期间,我发现saml / login&saml / sso无法获得相同的http会话。 But if tomcat only support http or https, the http session is same.
但是如果tomcat只支持http或https,则http会话是相同的。 Please help.
请帮忙。
Thanks 谢谢
A session created under https will not be accessible to an http request because the session cookie is marked as secure. 由于会话cookie被标记为安全,因此http请求将无法访问在https下创建的会话。
A session created under http should be accessible to an https request. 在http下创建的会话应该可以访问https请求。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.