Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: Hiding session id in the URL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Hiding session id in the URL

Subject: Re: Hiding session id in the URL
From: Sacha Michel Mallais <email@hidden>
Date: Tue, 7 Mar 2006 12:49:02 -0800

On Mar 7, 2006, at 12:35 PM, Tanmoy Roy wrote:

I have an application which does quite a lot of form submissions. My
application is a secured application and if the Session id is exposed
then any user can copy the URL and paste the same in his/her browser
then he/she will be able to view the same page as that of the other
user. This has to be protected so that whenever he/she does that
he/she will be presented with a new login page.

You can tell WO to use cookies to store the session IDs. Check out WOSession.setStoresIDsInCookies().


sacha


--
Sacha Michel Mallais             Senior Developer / President
Global Village Consulting Inc.   http://www.global-village.net/
PGP Key ID: 7D757B65             AIM: smallais


_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden


Follow-Ups:

Re: Hiding session id in the URL
From: Gavin Eadie <email@hidden>
Re: Hiding session id in the URL
From: Chuck Hill <email@hidden>


References:  
  >Hiding session id in the URL (From: "Tanmoy Roy" <email@hidden>)




Prev by Date:
Hiding session id in the URL

Next by Date:
Re: Hiding session id in the URL

Previous by thread:
Hiding session id in the URL

Next by thread:
Re: Hiding session id in the URL

Index(es):

Date
Thread