Hi,
We have an old WO application where we require that the requests that
concerns the same session come from the same IP address. We did this to
avoid session theft, as sessions are identified by some code in the URL.
When our application detects a request with an IP address other than the
expected one, the user is directed to the login page. As more and more
of our users now connect from a Wi-Fi, it seems that our IP address
requirement maybe will have to go. In the application logs I now see too
many lines telling about IP address mismatch.
Does anybody have experience with this? Could the use of "Keep-Alive" on
the HTTP connection be a solution?
/Jon
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list ([email protected])
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com
This email sent to [email protected]
