try tying the session with the ip address of user....
----- Original Message -----
From: Raj Kumar Jha <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, September 21, 2000 3:20 PM
Subject: Re: [Re: http session bugs]
> Hi,
> I am using URL rewriting for session tracking. The problem here is that
> if someone makes a note of the session id from the browser or listens to
it
> on the net and uses the same session id to request a service I am not able
> to differentiate between the two users. Any suggestions on how I can tie a
> session to a particular browser window?
> Thanks in Advance,
> Raj
> [EMAIL PROTECTED]
>
>
___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
