Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Overriding JSESSIONID

 
Neeraj Vij
Ranch Hand
Posts: 315
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

How can I override the JSESSIONID created by the servers ? I want my web application to maintain the session based on a session cookie created by me. Even if somebody is able to hack the jsession id created by the server, it should not be an issue with the application.

Thanks,
Neeraj.
 
ujjwal soni
Ranch Hand
Posts: 403
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I think the best idea is not to over ride the JSESSIONID but to implement your own session handling. Go to the o'rielly site and do a search for pseudo-sessions for an example.

However, if you are using tomcat then the below link might help you out

http://runtime32.blogspot.com/2009/04/override-tomcat-session-cookie.html
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13047
6
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Even if somebody is able to hack the jsession id created by the server, it should not be an issue with the application.


Any session mechanism you create yourself will have the same vulnerability since the id will have to appear in a cookie or elsewhere in the request. There are better ways to be sure that you are talking to an authorized user.

Bill
 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 33696
316
Eclipse IDE Java VI Editor
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Neeraj Vij wrote: Even if somebody is able to hack the jsession id created by the server, it should not be an issue with the application.

Why? Is your cookie somehow more secure? If you are really worried about hackers, I hope you are using https.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic