You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by "Ushakov, Sergey N" <us...@int.com.ru> on 2002/06/11 08:45:15 UTC

HttpSessionContext deprecation reasons

Hi, we know HttpSessionContext is deprecated now as claimed to be unsecure.

Meanwhile it is very useful for some tasks. It is also not a big deal to
implement it in a propriatary web app.

But does anyone know of the reasons for deprecation? I could find any trace
of them...

Are the security issues really big? Should I think twice before I deploy an
app with such a mechanism inside?

Regards,
Sergey


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>