Don't worry for security here.

jabber (jabber)
The implementation of Session is vendor specific. Of course, it needs to comply the interface specified in the servlet API. It is in the Memory.
But it can be serilaized to the hard disk. Because you Never, Never, Never transmit the session to the Internet, it seems to me there is no security problem.

By the way, pls use session.setAttrbute(), session.getAttribute(), session.removeAttribute(). session.getValue has been deprecated.

Good luck.
2001-1-30 -04:00
This post has been archived. It cannot be replied.
Page address has been copied. To share, click to copy page address.
Share Online by QR Code

Back To Topic: Hi,jabber,Please help me.I want to pass and store some parameters using session.getValue and sessionId between different jsp pages but I don't know where these values are stored, in Memory or hd in Webserver(resin+apache)?...

Back To Forum: HOME枫下论坛枫下论坛主坛工作学习IT技术讨论