Hi Curt,
You asked which browser this has worked for me on. I have verified this type of session handling over SSL on the following Japanese keitai browser versions ( not the full list ): DoCoMo/1.0, DoCoMo/2.0, UP.Browser/3.04 (HDML), UP.Browser/6.2.0.9 ( XHTML ), J-PHONE/4.3, Vodafone/1.0
The phones connected initially on http creating a session, stored user specific data to the session, then redirected ( by code ) to https, retained the session information added some more and then redirected back to the http and all was well.
Not all handsets in circulation support SSL but most phones less than a year old and and all the latest releases do.
Hope that helps?
Marcus.
http://cellsuite.blogspot.com
Curt Sampson <cjs@cynic.net> wrote:
On Thu, 11 Aug 2005, marcus saw wrote:
> Try URL re-writing to pass a session ID and store all the data in the
>session on your server instead of a cookie.
The only thing I store in the cookie is the session ID anyway. But that
is what I ended up doing; when I redirect from an http page to an https
page, I always rewrite that URL, even if I have URL rewriting turn off.
That lets the new page handler find the session without a cookie, and I
then issue a new cookie at that point.
> Keitais don't accept cookies as a rule, but you said you sent one so
>now I am confused.. Is this a new feature or have I got the wrong end
>of the stick?
AU keitai do accept and return cookies. Except in this one special case,
it seems.
> I have done something similar to what you seem to be doing with
>re-directing pages to https versions and I used sessions to hold all
>the user specific data and it worked perfectly.
But worked on what browser? I think I mentioned that it works fine for
me with Mozilla.
> Also are you using a full 'verisign' certificate, because thats the
>only type that the phones will allow without giving you an annoying
>'nag' message.
Yes, I'm using a certificate signed by a certificate in the phone's
internal list. In fact, AU phones (or at least my two examples) will
refuse to connect to sites with a certificate not signed by one of
these.
cjs
--
Curt Sampson +81 90 7737 2974
*** Contribute to the Keitai Developers' Wiki! ***
*** http://www.keitai-dev.net/ ***
This mail was sent to address saw_marcus@yahoo.com
Need archives? How to unsubscribe? http://www.appelsiini.net/keitai-l/
Send instant messages to your online friends http://uk.messenger.yahoo.com
Received on Fri Aug 12 08:49:43 2005