[ic] Norton BHO causing session loss
paul at gishnetwork.com
Thu Mar 3 20:15:45 UTC 2011
> Gert said
> > IC 5.6.3:
> > FullURL 1
> > NoAbsolute Yes
> > MaxServers 5
> > PIDcheck 300
> > Aapche:
> > SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> > downgrade-1.0 force-response-1.0
> > NotRobotUA includes MSIE
> > I am seeing people getting a new session ID when travelling to an SSL
> > encrypted page.
> This is when they go from NonSSL to SSL for the same site?
Are you asking if my http & https servers the same server? Yes.
> And after that? Does it keep the session ID or does it keep changing?
I end up with two session ID's, one for http and one for https, and once I have them they stay the same. So when on http pages, the session ID is always 123, and when on https, it's always ABC, it doesn't keep chaning each time I make the transition.
> And when you start directly on SSL does it keep it or does it change?
Interesting, if I arrive on the site in https, I get and keep a single session ID, so it works in that respect.
More information about the interchange-users