On 2/15/07, Dinner <[EMAIL PROTECTED]> wrote: > Lot of work for not much difference. Might as well set the session > timeout really really low or something, right?
If I were trying to find sanity in the desired approach, I'd first have to accept the fact that you *cannot* have cookies. In an environment where site customers are all corporate, and an entire building's worth of buyers could all be sharing the same cookie thanks to some fascist security scheme, the use of cookies can be catastrophic. Been there. So I understand the requirement although I pity to poor guy who has to comply with it. Given that, a short session timeout would not solve the problem. If I was stuck passing url tokens of some kind, a continuously morphing one sounds like a step up from a static one; at least on the surface. 'course, I haven't seen "the problem" since a health care industry job I did like six years ago, so for all I know firewalls are a hell of a lot smarter now and this client is living in the past and solving a problem that doesn't exist anymore. Glad its not my job and all I have to do is idly speculate without really thinking it thru :-) -- [EMAIL PROTECTED] Janitor, The Robertson Team mysecretbase.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http:http://ad.doubleclick.net/clk;56760587;14748456;a?http://www.adobe.com/products/coldfusion/flex2/?sdid=LVNU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:269972 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
