I have a question regarding IP address and session ID's.
If a user on IP Address 1 connects to the Tomcat server and is given
session ID A, what happens if that session ID is hijacked by someone on
IP address 2 and then used for a further request. How would the
different version of Tomcat react to this, if at all. Specifically does
Tomcat hold a relationship between IP address and session ID which is
checked on each subsequent request.
_________________________________________________________________
Are you using the latest version of MSN Messenger? Download MSN Messenger
7.5 today! http://messenger.msn.co.uk
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
