Amos Jeffries wrote:
> With squid its better to pass [the session id] as a cookie (which apparently gets
> stripped from any cached objects).
>
Not so sure about that. If you use URL rewriting, an URL like
http://x.y/app/showUserProfile;jsessionid=NNNN
works fine for several users, because they are distinguished by their
jsessionid. If the jsessionid is passed in a cookie instead, all users
fetch the same URL
http://x.y/app/showUserProfile
and might end up seeing each other's profiles when squid caches this URL.
Regards,
Oliver Schoett
Received on Tue Aug 21 2007 - 01:34:01 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Sep 01 2007 - 12:00:03 MDT