tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeremy Santos" <tornadoisc...@yahoo.com>
Subject Security with JSessionID
Date Wed, 10 Oct 2001 23:46:29 GMT
Hi,

I've looked thru the archive and I can't seem to find the answer to this
one.  So I'll just post it...

I'm using Tomcat 3.2.3, and apparently, if I can steal someone's
JSESSIONID... I can hack into his account eventually and get all crucial
information.

Is there a fix for this?  Any additional information would be greatly
appreciated.

Thanks
jk


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com


Mime
View raw message