We have a site which logs in using https (secure site) but the rest of the site is in http (non-secure site). We are doing this because we do not have/want to pay for a secure key. The login form posts back to itself so the whole login is in https.
The problem is the session variables set in https (username and ip address) are not available in http. Has anybody got any word rounds/solutions for this?
Regards,
Ben
