good lord that sounds positively insane. He's right... if you take the step of saying no cookies allowed you have to pass the token around from link to link, exposing it via the url and that is a security issue. Caused by the draconian no cookie requirement but its an issue alright. And if its a B2B he may have a higher likelihood of users who are behind firewalls and sharing a single cookie and IP. So he may not be as insane as all that.
His solution is ... well ... mind-boggling. In theory it should work. But holy crap talk about making things as difficult as possible. Lets reinvent the wheel and further specify that the wheel cannot simply be round, but rather must travel forward by folding space. Kind of an interesting brain teaser though. -- [EMAIL PROTECTED] Janitor, The Robertson Team mysecretbase.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http:http://ad.doubleclick.net/clk;56760587;14748456;a?http://www.adobe.com/products/coldfusion/flex2/?sdid=LVNU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:269965 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
