Results 1 to 2 of 2
  1. 05-03-2010, 12:02 PM #1
    pravinkumar
    pravinkumar is offline Member
    Join Date
    May 2010
    Posts
    1
    Rep Power
    0

    Default session hijacking

    In our application we have 3 layers/managers. Each of them having different roles. According to there role Each of them have some different as well as common priveleges.

    But due to same session variable name they can access each others privelegs by session hijacking .
    Please suggest to avoid this session hijacking
    Reply With Quote Reply With Quote
  2. 05-04-2010, 10:34 AM #2
    Tolls
    Tolls is offline Moderator
    Join Date
    Apr 2009
    Posts
    10,438
    Rep Power
    16

    Default

    Are you saying they are sharing info in the session?
    That doesn't make any sense. Each session is isolated from the others.

    So you might need to explain in greater detail what you are talking about.
    Reply With Quote Reply With Quote
« Login page problem | problem d'insertion »

Similar Threads

  1. How to Kill session at application context level by using session Id
    By Kishore.Kumar in forum Java Servlet
    Replies: 1
    Last Post: 04-21-2009, 11:20 PM
  2. session
    By jhen in forum Java Servlet
    Replies: 5
    Last Post: 03-16-2009, 04:44 PM
  3. [SOLVED] Access to default session deniedAccess to default session denied
    By jazz2k8 in forum Networking
    Replies: 1
    Last Post: 03-10-2009, 01:12 PM
  4. How do I create session for a user when S/he login and expire the session.
    By dpk_vash in forum Web Frameworks
    Replies: 2
    Last Post: 12-23-2008, 06:35 PM
  5. session
    By jm_it04 in forum AWT / Swing
    Replies: 0
    Last Post: 03-04-2008, 11:32 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules