Don't worry for security here.

jabber (jabber)
The implementation of Session is vendor specific. Of course, it needs to comply the interface specified in the servlet API. It is in the Memory.
But it can be serilaized to the hard disk. Because you Never, Never, Never transmit the session to the Internet, it seems to me there is no security problem.

By the way, pls use session.setAttrbute(), session.getAttribute(), session.removeAttribute(). session.getValue has been deprecated.

Good luck.

2001-1-30 -04:00

回到话题: Hi,jabber,Please help me.I want to pass and store some parameters using session.getValue and sessionId between different jsp pages but I don't know where these values are stored, in Memory or hd in Webserver(resin+apache)?...

回到论坛: HOME枫下论坛枫下论坛主坛工作学习IT技术讨论