would you paste your code here? I will get a try if there is no problem. On Sat, May 8, 2010 at 9:04 PM, Zilvinas Vilutis <cika...@gmail.com> wrote:
> > The problem is not in wicket, but in SwfUpload or more specific would be > the > Adobe Flash itself - which uses IE cookies in any case, even when you're > using FF or Chrome or Safari on Windows ( > http://swfupload.org/forum/generaldiscussion/869 ) > > Not sure how secure is it - but I've solved this in the following way: > - I've created a "SecureSessionHolder" static class which holds a list of > secure session ids > - Adding the secure session id to the list in "SecureSessionHolder" on > authentification > - an impl of "HttpSessionListener" to remove the session ids from the > static > list in "SecureSessionHolder" when session is destroyed > - in the SwfUpload servler just check if the session id ( passed as a > submit > parameter ) is in the secure session list in "SecureSessionHolder" before > parsing the response data > > If anybody has got any security concerns on this impl - please notify me, > I'll appreciate any opinions > > ----- > -------------------- > nothing is impossible > -- > View this message in context: > http://apache-wicket.1842946.n4.nabble.com/how-to-get-some-data-from-servlet-tp1885531p2136546.html > Sent from the Wicket - User mailing list archive at Nabble.com. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org > For additional commands, e-mail: users-h...@wicket.apache.org > > -- Fernando Wermus. www.linkedin.com/in/fernandowermus
