Search Results

Search found 1 results on 1 pages for 'technocool'.

Page 1/1 | 1 

  • CRSF token and Session replication with Tomcat and Apache

    - by technocool
    I have an J2EE compliant web application. I use a session based token to append a secondary id to all incoming link generated by my application. To prevent my application against CSRF attack, I validate the secondary id before I allow the user session to work off the subsequent page. Recently, while working with session replication mechanism implementation, I observed that on session failover, the generated secodary id is lost and the user get re directed to the login page/default page. Any suggestions on how I can ensure that the my generated secondary token id is not lost from the replicated session?

    Read the article

1