Well, the problem is that I've divided my users into different groups. And those groups have various levels of authorities. The problem that occurs is that, not knowing which browser-tab is using my application, I can't be sure what permissions to give to the application-user should users use the same browser (on different tabs).
RML "Benjamin D. Smedberg" <[EMAIL PROTECTED]> schreef in bericht news:[EMAIL PROTECTED] > Planet Internet Nieuws wrote: >> I'm currently writing a .NET application and I run into a problem using >> multi-tab browsers (like FireFox). I'm using the unique ASP.NET >> session-id to keep track of security issues with a logged-in user. The >> session id is one-on-one with his/her security account. However, when >> using 2 tabs in FireFox, one session-id is used by both tabs. It >> undermines my procedures. How can I deal with this problem? How do I make >> each tab-session unique? > > It's the same browser, so it uses the same cookies (which presumably > matches up to the ASP.NET session ID). Why do you care which tab the user > is in? Perhaps they wanted to see your website in two tabs at the same > time... > > --BDS _______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
