Thats basically the same code as on
http://randomcoder.com/articles/jsessionid-considered-harmful.
OWASP also has a good deal to say about sessions:
http://www.owasp.org/index.php/Session_Management
Regards,
Erik.
James Carman wrote:
The Seam folks have a "fix" for removing JSESSIONID from the URLs, too:
http://seamframework.org/Documentation/RemovingJSESSIONIDFromYourURLsAndFixingScache
--
Erik van Oosten
http://day-to-day-stuff.blogspot.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
