This method can be called by the authentication mechanism.
For instance, it can be container implementation of form based login or
a user defined JSR 196 auth modules.
Shing Wai Chan
The contents of the session will remain the same.
On 1/21/12 2:20 PM, Jeff Williams wrote:
> Will there be guidance to developers on when to use this method? Could
> we require it to be called upon login? I assume that the contents of
> the session will remain unchanged?
>
> --Jeff
>
>
> -----Original Message-----
> From: jsr340-experts-request_at_servlet-spec.java.net
> [mailto:jsr340-experts-request_at_servlet-spec.java.net]
> Sent: Saturday, January 21, 2012 4:19 AM
> To: jsr340-experts_at_servlet-spec.java.net
> Subject: Digest for list jsr340-experts_at_servlet-spec.java.net
>
> Table of contents:
>
> 1. [jsr340-experts] Re: SERVLET_SPEC-13: Make session fixation
> protection part of the spec - Mark Thomas<markt_at_apache.org>
>