DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=22679>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=22679 ------- Additional Comments From [EMAIL PROTECTED] 2007-04-24 15:49 ------- It is not possible to change the session id of a session, it has to be asssumed. If you want to submit a valve which would enforce "better" security (= a lame hack which would pretend to be secure), then I would be ok to commit it and let this bug report live. Despite the dynamic IP thing, I think 3 out of 3 is a minimum requirement, despite possible problems (IPs do not change every 5s, so I don't see the point, and if they do, let the user log back in). Otherwise -> INVALID. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
