Hi All,
I use cookies to identify users logged in my web based application (JSDK 2.1).
For security reasons, I allow only short period of
inactivity (3 min.), so I set max. age to 180. The problem
occurs when client's clock is ahead of the server's clock.
The user is logged-off immediately.
It looks like that addCookie method uses max age to encode
(calculate) the "Expires" tag, not "Max-Age" as one might expect.
Is there any workaround?
Of course I can always stick server's timestamp in my cookie and
handle it from there but then what is the purpose of max age?
Thanks
Dragomir
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
