You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Chris Shen <em...@hotmail.com> on 2002/07/26 20:19:42 UTC

Site Security Issue

dear fellow developers,

    i've got a question for you guys...i've got a auth system that
distributes keys to users once they are authenticated. users can then use
that key as a ticket to get services. now, my question is what do most of
you guys do to make your site more secure? i.e. what would you do to keep
that cookie safe from hackers as it's being passed back and fourth through
the web? our main concerns are trojan horses and packet sniffing. we are
thinking about doing an IP check and perhaps setting up SSL? does anyone
have any ideas/opinions on this? thanks!

Chris

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>