Basics of Web Application Security: Protect User Sessions



Once you have a properly authenticated user, you also have a target for an
attacker. If an attacker can infiltrate an authenticated session, he can do
anything that user is allowed to do. So it's important to protect sessions by
generating safe session identifiers, not exposing them, and managing the lifecycle
of sessions.



Published on September 12, 2016 07:40


Martin Fowler's Blog

Martin Fowler