Re: username stored in browser cookie?

BJ Freeman Sat, 31 Jul 2010 10:27:25 -0700

since the browser is allowed to store both the log in and password, Idon't see the problem unless someone is using a public computer.


Wai sent the following on 7/31/2010 9:50 AM:


Hello All,

I notice that ofbiz stores the username inside a browser cookie.  I would
like to get some comments as to whether this is a potential security risk?
eg...

JSESSIONID=E4CADD25A32162D92C31DC938C108DFE.jvm1; OFBiz.Visitor=10025;
mystuff.autoUserLoginId=admin

Thanks

Re: username stored in browser cookie?

Reply via email to