Will there be guidance to developers on when to use this method? Could
we require it to be called upon login? I assume that the contents of
the session will remain unchanged?
--Jeff
-----Original Message-----
From: jsr340-experts-request_at_servlet-spec.java.net
[mailto:jsr340-experts-request_at_servlet-spec.java.net]
Sent: Saturday, January 21, 2012 4:19 AM
To: jsr340-experts_at_servlet-spec.java.net
Subject: Digest for list jsr340-experts_at_servlet-spec.java.net
Table of contents:
1. [jsr340-experts] Re: SERVLET_SPEC-13: Make session fixation
protection part of the spec - Mark Thomas <markt_at_apache.org>