This content has been marked as final.
Show 3 replies
-
1. Re: Use of conversationId by web services
shane.bryzak Jul 28, 2007 12:49 PM (in response to davidintx)Conversation ID's are unique per session, so someone would need to hijack your session ID first. Session management with web services is a different issue, which we're still investigating a couple of options for.
-
2. Re: Use of conversationId by web services
davidintx Jul 28, 2007 1:31 PM (in response to davidintx)Thanks. I figured that when a session id is involved, that things are safe. It's the web service part that I'm interested in. Would one of options that you are considering be implemented in the 2.0.0 timeframe? Or should I just open up a jira issue and see what release it gets assigned to :).
-
3. Re: Use of conversationId by web services
gavin.king Jul 28, 2007 10:14 PM (in response to davidintx)A session id is *always* involved. The conversation state is stored in the HttpSession.