tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: [OT] Sessions mix-up on Tomcat 6.0.26 on Linux
Date Thu, 19 Aug 2010 22:40:38 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yawar,

On 8/19/2010 3:27 PM, Yawar Saeed Khan/ITG/Karachi wrote:
> your comments on my current code tells me that this code is not bad,
> but I should check out tomcat's container managed logins... right?

This code seems to be doing more work than necessary. Container-managed
authentication and authorization is a useful service provided by the
container. I highly recommend taking a look at using it, but it may be
... disruptive to your existing workflows.

> plus I would like to mention that I have client side form validations
> (js) to stop query busters.

I'm sure that hackers will be sure to leave javascript enabled when they
visit your site.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkxtsuYACgkQ9CaO5/Lv0PBOsQCgnldndPM7po8wlgYUq6k/QDT3
1mAAoKo/47GXpG4dIEfRNpkZnX/SSveb
=zrJ+
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message