Something just occured to me, when you store something in a HttpSession, =
where does it go ?
Like if i put session.setAttribute("username",theUserName); where is the =
data stored ? on the server ? on the client ? in the browser cache ?
If it is stored in the browser, can it be accessed in someway ?
I'd like to know for sure if sensitive info can be stored in a =
HttpSession, like if a user is logged in or not. I figure if it is =
stored like a Cookie, you could open if with notepad and modify it, =
couldn't you ?
Well, thanks in advance, AD.
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
