DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=31676>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=31676 [PATCH] HolderAwareContinuationsManagerImpl ------- Additional Comments From [EMAIL PROTECTED] 2004-10-15 14:31 ------- For paranoid users (some of our clients can be described like that) it would be useful to restrict continuations to session only (if I or somebody on the team else messed something up with caching headers - It turns out I do it wrong right now). User might have not logged out so the session is still valid. This would allow someone to run page from cache without knowing the session cookie and still be able to access the application. Paranoid as I've written. But if we are to implement map of continuation IDs we've made a full turn and we're back with WebContinuationsHolder :) What now ?
