The problem is not in wicket, but in SwfUpload or more specific would be the Adobe Flash itself - which uses IE cookies in any case, even when you're using FF or Chrome or Safari on Windows ( http://swfupload.org/forum/generaldiscussion/869 )
Not sure how secure is it - but I've solved this in the following way: - I've created a "SecureSessionHolder" static class which holds a list of secure session ids - Adding the secure session id to the list in "SecureSessionHolder" on authentification - an impl of "HttpSessionListener" to remove the session ids from the static list in "SecureSessionHolder" when session is destroyed - in the SwfUpload servler just check if the session id ( passed as a submit parameter ) is in the secure session list in "SecureSessionHolder" before parsing the response data If anybody has got any security concerns on this impl - please notify me, I'll appreciate any opinions ----- -------------------- nothing is impossible -- View this message in context: http://apache-wicket.1842946.n4.nabble.com/how-to-get-some-data-from-servlet-tp1885531p2136546.html Sent from the Wicket - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
