Java EE (Java Enterprise Edition) General Discussion

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

session hijacking

843840Jul 18 2008 — edited Jul 21 2008

hello dude,

I just want to avoid session hijacking for my current developing project to make it more secured and have gone through the concept by googling. But to me, some points are unclear. for example,

1 How can the jacker deploy his code into my jsp file to get the session id and other session details?
2 Will he use some tool to get my session id ?

( I will be admired and understood better, if someone can give sample code for this)

Locked Post

New comments cannot be posted to this locked post.

Locked on Aug 18 2008

Added on Jul 18 2008

#javaserver-pages-jsp-and-jstl

6 comments

402 views