That would be enough reason for me! via droid
On Dec 2, 2009 3:26 PM, "Mark Davis" <[email protected]> wrote: Just got this from a friend... This is why you use the loginStorage="session" If you use loginStorage="cookie", the authentication information is not kept in a persistent scope. Instead, the detailed login information is put in a memory-only cookie (CFAUTHORIZATION_applicationName) with a base64-encoded string that contains the user name, password, and application name. The client sends this cookie to the web server each time it makes a page request while the user is logged-in. *If you do not use SSL for all page transactions, the user ID and password are not protected from unauthorized access.* Sounds like a good reason to use the session scope ------------------------------ From: Mike G [mailto:[email protected]] *Sent:* Wednesday, December 02, 2009 2:06 PM *To:* [email protected] *Subject:* Re: RE: RE: [houcfug] loginStorage for apps I cant speak for adobe engineers, which is why I said "IMHO " <grin> via droid > > On Dec 2, 2009 2:03 PM, "Mark Davis" <[email protected]> wrote: > > so the reason for ... -- You received this message because you are subscribed to the "Houston ColdFusion Users' Group" discus... -- You received this message because you are subscribed to the "Houston ColdFusion Users' Group" ... -- You received this message because you are subscribed to the "Houston ColdFusion Users' Group" discussion list. To unsubscribe, send email to [email protected] For more options, visit http://groups.google.com/group/houcfug?hl=en
