why dont u use hidden variables in forms. u can pass the session id in all
forms. when the user logs out u can invalidte the session.
ram
>From: dkabali <[EMAIL PROTECTED]>
>Reply-To: "A mailing list for discussion about Sun Microsystem's Java
> Servlet API Technology." <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: help:security
>Date: Thu, 18 Jan 2001 14:07:12 +0530
>
>Hi all
>
>for mainting the session throught the project I already asked
>which is we can't use cookiee & session because both are
>storing in browser cookiee when browser cookiee option disabled
>
>instead of when you are going use url rewriting, in IE history option
>storing which are file visited so after logout user can open
>the project through the history option can open files.
>
>so please give one of the best option to secure the project
>or else give one small idea coding
>
>most urgent........
>
>Thanks in advance
>kabali
>
>___________________________________________________________________________
>To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
>of the message "signoff SERVLET-INTEREST".
>
>Archives: http://archives.java.sun.com/archives/servlet-interest.html
>Resources: http://java.sun.com/products/servlet/external-resources.html
>LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
