From: Dannes W. <da...@ex...> - 2012-03-05 14:30:45
|
Hi, On Mon, Mar 5, 2012 at 2:42 PM, jarpis <ja...@gm...> wrote: > We have a strange and alarming problem with our eXist instance ..... > We have changed the controllers to allow shorter urls for requests ..... > but after some time we noticed that eXist did not ask for authorization > for the requests anymore. > Consequent testing revealed that even data changing requests go > through. > Without knowing the client code I have questions like..... in your situation do you reuse HTTP sessions in the client code (your browser will do it too), or do you retain sessions in your controller code, etc etc ? cheers Dannes -- eXist-db Native XML Database - http://exist-db.org Join us on linked-in: http://www.linkedin.com/groups?gid=35624 |