1 Reply Latest reply on Sep 4, 2007 4:26 AM by csl

    A simple security problem

    jiangliu

      Hi guys,
      I am having a simple example in my application.

      In my xhtml page, I use:



      to restrict certain parts of the page to be displayed to logged-in users.

      I did notice that the URL after the user's login has changed to:

      http://blah.xxx.seam?cid=3

      However, when I manually change the cid number, say for example, to 4 or 5 or 6, this page still displays. Should it only be displayed to the user who has the session of 3?

      cheers!