On 16/10/2010 13:55, Juliano Daloia de Carvalho wrote:
> yes Pid, we can say that is a kind of encryption.
What do you gain by encrypting the session id?
> do you know which is the first tomcat class that receives the client request?
>
> do you know which is the last tomcat class that is used be
: Tomcat Users List
Enviadas: Sábado, 16 de Outubro de 2010 4:01:23
Assunto: Re: Res: Res: JSESSIONID Cookie handle customizing
So you want encrypt the session id?
p
On 15 Oct 2010, at 17:33, Juliano Daloia de Carvalho
wrote:
> I need to change the value of the sessionID. If I let this to be d
So you want encrypt the session id?
p
On 15 Oct 2010, at 17:33, Juliano Daloia de Carvalho
wrote:
> I need to change the value of the sessionID. If I let this to be done on the
> servlet, tomcat won't be able to identify the real session, and will send a
> redirect to login page.
>
>
>
>
> --
Mark thank you!
do you know which is the first tomcat class that receives the client request?
do you know which is the last tomcat class that is used before send the
response
to the client?
tks.
Juliano
- Mensagem original
De: Christopher Schultz
Para: Tomcat Users List
Envia
> From: Juliano Daloia de Carvalho [mailto:judac2...@yahoo.com.br]
> Subject: Res: Res: Res: JSESSIONID Cookie handle customizing
> I want to create one little class that handle on the
> server side the cookie information that can come on
> the header, make a preprocessing wh
message from
the
client and the last one before send it to the client.
Tks
Juliano
- Mensagem original
De: Mark Thomas
Para: Tomcat Users List
Enviadas: Sexta-feira, 15 de Outubro de 2010 13:56:07
Assunto: Re: Res: Res: JSESSIONID Cookie handle customizing
On 15/10/2010 17:47
On 15/10/2010 17:47, Juliano Daloia de Carvalho wrote:
> Chuck, I can't say explicit why I need to use this info on the session. but
> is
> related with security issues.
>
> and you are right, is much more plausible to make this as you said, but I
> can't afford to do that.
If you need to con
com.br]
> Subject: Res: Res: JSESSIONID Cookie handle customizing
> I need to change the value of the sessionID.
Why? Using a separate parameter or cookie to hold your specific additional
information would seem to be a much more workable solution - assuming you even
need to do th
I need to change the value of the sessionID. If I let this to be done on the
servlet, tomcat won't be able to identify the real session, and will send a
redirect to login page.
- Mensagem original
De: Pid
Para: Tomcat Users List
Enviadas: Sexta-feira, 15 de Outubro de 2010 13:19:54
