Jasbinder Singh Bali wrote:
Turn off cookies, Tomcat should then rewrite URLs to include jsessionid. Then it's trivial to hijack such session.In short, i need to demonstrate session hijacking in apache tomcat and then show measures that would be taken to get rid of it.Any kind of help would be highly appreciated.
-- Mikolaj Rydzewski <[EMAIL PROTECTED]>
smime.p7s
Description: S/MIME Cryptographic Signature
