Frank W. Zammetti wrote: > Couple of things you could do... first, make sure all your requests go > through Struts. That way, they'd be copying a URL with .do, so when > they paste it in, they are again going through Struts. Then, you can > check in your code that a session has been established, and then you > assure that can only happen as a result of your login process.
[...more good ideas...] Except that they solve a different problem. If I understood the OP correctly, the issue is that the person can have two browser windows open at the same time and the second browser window inherits the session of the first one. >> If a user copies the URL displayed in the browser after login, and >> pastes it in a new browser window, his page gets displayed. How can I >> prevent such a behavior. I'm not sure that you can, and _if_ you can, it may be browser-specific. Sessions across the browser are handled differently by different browsers. This topic was addressed a few weeks back; you might want to check the archives for more info. Dave --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]