[jira] [Updated] (WAVE-133) Security: We need to generate a new session id when user logs in.

Ali Lown (JIRA) Thu, 30 Jan 2014 13:31:40 -0800

     [ 
https://issues.apache.org/jira/browse/WAVE-133?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Ali Lown updated WAVE-133:
--------------------------

    Labels: security  (was: )

> Security: We need to generate a new session id when user logs in.
> -----------------------------------------------------------------
>
>                 Key: WAVE-133
>                 URL: https://issues.apache.org/jira/browse/WAVE-133
>             Project: Wave
>          Issue Type: Bug
>            Priority: Minor
>              Labels: security
>
> We are should generate a new session see code here:
>  
> http://code.google.com/p/wave-protocol/source/browse/src/org/waveprotocol/box/server/rpc/AuthenticationServlet.java#127
> This can be a security vulnerability.
> ---
> Issue imported from 
> http://code.google.com/p/wave-protocol/issues/detail?id=132
> Owner: [email protected]
> Label: Type-Defect
> Label: Priority-Medium
> Stars: 1
> State: open
> Status: Accepted



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Updated] (WAVE-133) Security: We need to generate a new session id when user logs in.

Reply via email to