Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!eternal-september.org!feeder.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: isuy Newsgroups: comp.lang.java.help Subject: Can a session created in a secured domain be detected in a non-secured domain? Date: Mon, 12 Aug 2013 09:23:29 -0700 Organization: A noiseless patient Spider Lines: 10 Message-ID: Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Injection-Date: Mon, 12 Aug 2013 16:23:31 +0000 (UTC) Injection-Info: mx05.eternal-september.org; posting-host="a78b9dece1407d753caa7f09ebe413a7"; logging-data="22665"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/o2n2QfqjmfydLjCy6kkqclS/nzDXbutI=" User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110429 Thunderbird/3.1.10 Cancel-Lock: sha1:7EDfKlaX3FCLhzMHBfYaLivpiGg= Xref: csiph.com comp.lang.java.help:2750 Hi, I am writing a shopping cart using Java servlet and I have a question. Let say I have a servlet "MyAccount" in 8443 port which is secured. I created a session there, but session.getSession(false) from other program in 8080 port which is not secured returns null. Is this the way it is or is it that I am doing something wrong? Thank you for your time.