On Jan 17, 2007, at 5:50 PM, Tracy12 wrote:
What about the security measures if we store authenticated user
information
in a cookie,
Cant we handle in the server session and and store it as a session
variable.
This would be much secure?
you store a session id in a cookie
you store the user info on the lan, mapped to the id in the cookie
you can use checksum cookies and other stuff to mitigate cookie spoofing
// Jonathan Vanasco
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - -
| FindMeOn.com - The cure for Multiple Web Personality Disorder
| Web Identity Management and 3D Social Networking
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - -
| RoadSound.com - Tools For Bands, Stuff For Fans
| Collaborative Online Management And Syndication Tools
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - -
