Arnaud D <[EMAIL PROTECTED]> wrote:
__________
>Something just occured to me, when you store something in a HttpSession, =
>where does it go ?
>
As several others have said,
it is stored in memory on the
server, and not accessable to
the client.
Some application servers will however
write out the session data to
support fault tolerance, load
balancing, server restarts etc.
So you shouldn't put _really_
sensitive data in the session,
like passphrases or private keys.
Tim.
http://www.westpoint.ltd.uk/
Internet reconnaissance services.
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
