BJ, does ofbiz actually store the password in the cookie? Because a cookie is really a text file, anybody who has access to a browser cache would be able to see it. A regular person can see the contents of a cookie just by typing in "javascript:document.cookie" in the address of the browser.
>From your previous posting, I take it that ofbiz should be run in an intranet environment. But that would not quite work for people using ofbiz ecommerce app. Since the ecommerce app stores the username in the cookie as well. Wai -- View this message in context: http://ofbiz.135035.n4.nabble.com/username-stored-in-browser-cookie-tp2308984p2309026.html Sent from the OFBiz - User mailing list archive at Nabble.com.
