[ic] Norton BHO causing session loss
peter at pajamian.dhs.org
Thu Mar 3 21:05:46 UTC 2011
On 04/03/11 09:58, Paul Jordan wrote:
> Exactly. This new https session ID stays the same only when on https
pages, so if I go back to http pages, I get my old session ID back
again, and if I go to https again, I get that same "new" session ID
back. So it continues to flip flop as I move around across http/https.
>> Does the site work with cookies? Or you pass along the session ID in the
>> URLs everywhere? I assume cookies and perhaps there something goes wrong
>> when going from http to https ...
> The site works fine with Cookies on or off.
> Any idea where to concentrate?
It sounds like Norton is blocking the session cookie from being passed
from the non-secure page to the secure page, and so they get isolated
and end up with their own separate session IDs.
Try commenting out this line from catalog.cfg and see if it helps:
ScratchDefault mv_no_session_id 1
Doing the above will, of course, stick session IDs into all your URLs,
but we can concentrate on a better workaround once it's determined that
the above works.
More information about the interchange-users