Do you mean set session attributes? How do you do that from the client side?
--- On Wed, 12/31/08, Konstantin Kolinko <[email protected]> wrote: > From: Konstantin Kolinko <[email protected]> > Subject: Re: How can the login page see parameters in the original request? > To: "Tomcat Users List" <[email protected]>, [email protected] > Date: Wednesday, December 31, 2008, 5:43 AM > 2008/12/30 <[email protected]>: > > To hide the existence of the page from robots. > > > > --- On Tue, 12/30/08, Pid <[email protected]> wrote: > > > >> From: Pid <[email protected]> > >> Subject: Re: How can the login page see parameters > in the original request? > >> To: "Tomcat Users List" > <[email protected]> > >> Date: Tuesday, December 30, 2008, 6:26 AM > >> [email protected] wrote: > >> > >> > Only if certain secret fields and values are > present, > >> do I want to generate the login page. > >> > >> They're not really secret if you're > passing them as > >> parameters. > >> It sounds like you're trying to over-engineer > >> something, which often > >> results in no security improvements and sometimes > >> introduces flaws. > >> > >> What is your real goal? > >> > > > > How about passing them with the Session? > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: > [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
