Dan, how about an attacker who uses a script to just call the login page lots of time. Could it not cause an OutOfMemory error or at least a degradation of your application performance by your web server having to manage millions of sessions apart for the legit ones?
-- View this message in context: http://apache-wicket.1842946.n4.nabble.com/Login-page-stateless-tp4584483p4585721.html Sent from the Users forum mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org