How sessions are identified for user on server

Sidebar Sidebar
V

vdsindr

Distinguished
Apr 20, 2011
1
0
18,510
I am a java progrmaeer ,i m asked a question in interview that sessions are stored on client side in browsers / cookie files on cleint's computer then how server idetifies that i m the same user who is logged in from my own PC and I must be shown only that information that belongs to me?
Please help.
 
Sort by date Sort by votes
Generally when you are connecting to a server you will be issued with a jsessionid. On future requests you include this value and the server knows what session to use etc.
 
Upvote 0 Downvote
On a side-note, is there any mechanism to prevent someone to just hijack someone's session if he gets hold of the JSessionID (which could be easy using http sniffing)?
 
Upvote 0 Downvote
This is a pretty good wiki article discussing session id attacks and security measures. In essence you can prevent session hijacking by using HTTPS and/or by having stricter session id management.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

J
  • Locked
  • Question Question
Question My Facebook Account was Hacked
Replies
2
Views
40K
Social Networking
luckypigpig
luckypigpig
S
How to Setup a Plex Media Server?
Replies
0
Views
8K
Streaming Video & TVs
sparkinwords
S
M
  • Solved
Solved! choosing midrange Windows laptop for running physics simulations, touch screen for notetaking, and in-system programming
Replies
1
Views
4K
Laptop General Discussion
hang-the-9
hang-the-9
B
  • Solved
How do I make my SD card default storage for all photos on LG stylo 3?
Replies
1
Views
10K
Android Smartphones
webworkings
webworkings
Lutfij
The Best Tips And Tricks For Windows Laptop
Replies
0
Views
12K
Laptop General Discussion
Lutfij
Lutfij

TRENDING THREADS

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom