E
egarcia
Guest
Hello, The _getNextTimeStamp() function is intended to generate the value of a timestamp parameter ("ts") that is send to the server with a request to prevent caching. It is not related the JSESSIONID. The JSSESSIONID is an HTTP session token generated on the server and sent to the client to identify a session. The JSESSIONID is generally sent as an HTTPOnly cookie which means that it is not available to the client via JavaScript. The handling of the cookie is done by the web browser/container. If the client does not accept cookies, the JSESSIONID would be sent as a parameter in the URL. See general information at en.wikipedia.org/.../Session_(computer_science) It goes out without saying that you should use HTTPS. My understanding is that the security support that we use for the application server for REST / WebSpeed is based on Spring Security which is open source (via git). I will let others in the team comment on how the JSESSIONID is actually generated. I hope this helps.
Continue reading...
Continue reading...