> You are correct that using sessions does not require using cookies. > You can also use URL Rewriting. But that does not happen > automatically, you must set it up. Like using encodeURL() and such. > There is no built-in way to use hidden form fields; I suppose you > could set that up yourself, but it would require more work, and there > might be secuity implications.
Correct me if I am wrong, but don't you have the same security issues with url rewriting as with cookies? It is both plain text, unless you use an encrypted connection. Frans > I have never used anything other than cookies for sessions, > fortunately I've worked in an environment where I knew cookies would > be enabled. So I don't know how problematic using URL Rewriting is. > But I'm glad I don't have to use it :-); certainly using cookies is > the simplest. ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
