<shameless plug>
There is a chapter in the i-Mode Developer's Guide devoted to session
management which may be helpful.
</shameless plug>
A mobile will roam across several IP addresses in a session so is not a
good security check. Setting a short session expiration offers some
security.
Cheers
Kyle
On 2004 Jul 31, , at 16:59, Manish Prabhune wrote:
> Passing session ID in URL is fine.
> But if i copy the URL and mail it to another
> mobile phone the session gets continued there.
>
> The better solution is (only for registered sites)
> is to match the session ID and UID (which is unique
> for a mobile) to ensure that the session only
> continues only on the mobile where it originated
>
> Anyone has better ideas. Would love to hear if any
>
> Regards
> Manish
--
mobile web gear | pukupi.com
Received on Mon Aug 2 11:50:16 2004