是否有关于servlet的会话完整性的正式定义? [英] Is there a formal definition of session integrity regarding servlets?
问题描述
此问题与另一个现有的问题有关。 HttpServletRequest的 getSession(boolean)方法提到会话完整性,但它没有定义概念。
我找不到官方定义。有没有?有没有人知道会话进入或退出完整性时正式定义的规则?谢谢。
它指的是将服务器会话与客户端(Web浏览器)会话与cookie链接的概念。 / p>
我不确定你对java web应用程序有多熟悉,但Servlet容器可以通过向url添加参数(通常称为jsessionid)或通过发送来跟踪会话给客户的cookie。我认为它会让人感到困惑,因为会话跟踪是会话完整性的同义词。
This question is related to another existing SO question. HttpServletRequest's getSession(boolean) method mentions session integrity, but it does not define the concept.
I could not find an offical definition. Is there any? Does anyone know what rules formally define when a session is in or out of integrity? Thanks.
It refers to the concept of linking the server session with the client (web browser) session with a cookie.
I'm not sure how familiar you are with java web apps, but the Servlet containers can track sessions by adding a parameter to the url (usually called jsessionid) or by sending a cookie to the client. I think it gets confusing because session tracking is a synonym of session integrity.
这篇关于是否有关于servlet的会话完整性的正式定义?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!