On Mon, Feb 01, 2010 at 08:39:51AM +0000, Marcel Reutegger (JIRA) wrote: > > > Marcel Reutegger commented on SLING-1116: > ----------------------------------------- > > > HttpServletRequest.getRemoteAddress() > > this method returns the address of the client or the last proxy that sent the > request. if there is indeed a proxy in between, then this may hide that a > request is possibly sent from a different client. >
I have seen checkboxes on login forms, with a wording like: "limit session to this computer" or so. I think this binds a session to an IP-address after signup, the reason being, to prevent stolen cookies from working. -- peter
