Sessions
Derek Atkins
derek at ihtfp.com
Mon Jun 16 21:50:38 EDT 2003
Pat Farrell <pfarrell at pfarrell.com> writes:
> The solution is not very hard, set a cookie with a strongly created
> nonce, use that to index into the table of valid sessions. At least
> it is easy until you want to scale it to many servers.
This is what a backend database is for. ;)
> Pat
-derek, who just implemented something like this for one of his clients
--
Derek Atkins 617-623-3745
derek at ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list