Displaying 1 result from an estimated 1 matches for "session_fixation".
2006 Jan 19
4
Can the session be trusted for Username/password?
I understand that a session is server side, and not externally visible.
For this reason can it be used to store a User class (username/ hashed
password) safely?
Or do I need to check whats in the session against the user table every
time I access a controller?
Many thanks, P.
--
Posted via http://www.ruby-forum.com/.