...@christopherschultz.net님이
작성:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
이강우,
On 10/23/14 1:56 AM, 이강우(KangWoo Lee) wrote:
ok I undertand.
- the session identifier should change to prevent session-fixation
attacks.
but how I can set tomcat to regenerate id value? I was search
document
Environment - openjdk 1.7 - tomcat 7.0.55 with native connector - apache
2.4.10 with mod-jk 1.2.40
1. Tomcat start
2. Client request - JSESSIONID is null
3. tomcat response - JSESSIONID=C5EBF0AA96ADB34E0C28E4D9D2595D98 is
create
4. refresh page - session attribute(name=count,
-
Hash: SHA256
이강우,
On 10/22/14 4:41 AM, 이강우(KangWoo Lee) wrote:
Environment - openjdk 1.7 - tomcat 7.0.55 with native connector -
apache 2.4.10 with mod-jk 1.2.40
1. Tomcat start 2. Client request - JSESSIONID is null 3. tomcat
response - JSESSIONID=C5EBF0AA96ADB34E0C28E4D9D2595D98