Well In my situation it just works,
if you copy something like
http://localhost:8080/MyApp/welcome.do;jsessionid=64B0E7454BB37E8ECE50B8B0323735CD
in another browser - nothing happens ;) I don't know why, but I like it.
I use cookies for session management, couse I need them in some other
From: Paul Roberts [mailto:[EMAIL PROTECTED]
I have a question regarding IP address and session ID's.
If a user on IP Address 1 connects to the Tomcat server and is given
session ID A, what happens if that session ID is hijacked by
someone on
IP address 2 and then used for a further
@tomcat.apache.org
Subject: RE: Tomcat IP and Session ID's
Date: Fri, 24 Feb 2006 11:51:44 -
From: Paul Roberts [mailto:[EMAIL PROTECTED]
I have a question regarding IP address and session ID's.
If a user on IP Address 1 connects to the Tomcat server and is given
session ID A, what happens
From: Paul Roberts [mailto:[EMAIL PROTECTED]
I was wondering, over and above encrypting the communications
channel how does HTTPS help to prevent session ID hijacking?
To my knowledge, it doesn't (better heads than me may wish to contradict
me here). But keeping a randomly-generated session
@tomcat.apache.org
Subject: RE: Tomcat IP and Session ID's
Thank you.
I was wondering, over and above encrypting the communications channel how
does HTTPS help to prevent session ID hijacking?
Regards
Paul Roberts.
From: Peter Crowther [EMAIL PROTECTED]
Reply-To: Tomcat Users List users