My company is planning an extremely large web project and Wicket is a candidate for use. My manager pointed out some unsettling words on the Wicket FAQ, which are ambiguous unfortunately. http://wicket.apache.org/features.html
>>>Wicket is secure by default. URLs do not expose sensitive information and all component paths are >>>session-relative. Explicit steps must be taken to share information between sessions. There are plans >>>for the next version of Wicket to add URL encryption to support highly secure web sites. Can someone please elaborate on what is meant by "Explicit steps must be taken to share information between sessions." Thank you, -Jonathan -- View this message in context: http://www.nabble.com/Wicket-not-secure--tp19556259p19556259.html Sent from the Wicket - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]