Re: [Cppcms-users] Web Service session management
Brought to you by:
artyom-beilis
Menu
▾
▴
Re: [Cppcms-users] Web Service session management
|
From: Leon <le...@wl...> - 2012-01-30 10:16:16
|
Hi, So cookie is the only answer. Do you have any suggestion for C++ HTTP client side library which provides the following features: 1. Cookies. 2. Keep-Alive. 3. Asynchronous. Thanks. On Fri, Jan 27, 2012 at 8:39 PM, Artyom Beilis <art...@ya...> wrote: >> From: Leon <le...@wl...> > >> >> Hi, >> >> Cppcms uses cookies to manage session. This is fine if the client is a >> browser. However, if the client is not a browser, cookie support may >> not available. In this case how can we manage sessions? What is the >> best practice? >> >> Thanks. >> > > Any decent HTTP client supports cookies, so there is no reasons to > to use them with non-browser clients. > > There is a very good reason to use Cookies for session management > security, see for example this: > > <http://cppcms.com/wikipp/en/page/secure_programming#Session.handling.is.cookie.based> > > And if even there is no "referrer" issue, passing session id via URL > > for example exposes it in web server logs, proxy servers logs and so on. > > So the best is to use Cookies, this is what they were designed for > keeps the state of the stateless HTTP protoco > > Artyom Beilis > ------------- > > Support CppCMS by donating money: > https://sourceforge.net/donate/index.php?group_id=209965 > > ------------------------------------------------------------------------------ > Try before you buy = See our experts in action! > The most comprehensive online learning library for Microsoft developers > is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, > Metro Style Apps, more. Free future releases when you subscribe now! > http://p.sf.net/sfu/learndevnow-dev2 > _______________________________________________ > Cppcms-users mailing list > Cpp...@li... > https://lists.sourceforge.net/lists/listinfo/cppcms-users |
