EG:
session = request.getSession();
if (session == null){
session = request.getSession (true);
session.setAttribute ("IP_ADDR",request.getRemoteAddr());
}
String ipaddr = session.getAttribute ("IP_ADDR");
if (ipaddr.equals (request.getRemoteAddr())){
//do the proper stuff
}else{
//send a security message
}
Hope this helps,
Chris Heinemann
Internet Administrator, Horace Mann
Raj Kumar Jha wrote:
Hi,
I am using URL rewriting for session tracking. The problem here is that
if someone makes a note of the session id from the browser or listens to it
on the net and uses the same session id to request a service I am not able
to differentiate between the two users. Any suggestions on how I can tie a
session to a particular browser window?
Thanks in Advance,
Raj
[EMAIL PROTECTED]------------------------------------------------------------------------------
Archives: http://www.egroups.com/group/jrun-interest/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/jrun_talk
or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
