Is there a way to force session to invalidate or not to be recognized
if the client IP changes? This is a PCI requirement so that if a
third obtains a valid session ID they cannot use it to re-establish
the original session with the server.
Based on tests I have run using resin 3.1.8, the
Hi,
I'm migrating from resin 2.1.16 to resin 3.1.8 and my logs are plenty
of:
[16:39:58.275][16:39:58.275]Note: /home/automat/www/bassist/WEB-INF/
work/_jsp/_bookassist_0admin/_users__jsp.java uses unchecked or unsafe
operations.
[16:39:58.275][16:39:58.275]Note: Recompile with -Xlint:unchec