G
Guest
Hi,
I have a web site which uses FormAuthentication. After the logging in, i store the user credentials in a Session Variable which is not updated any where in the website. After certain point it seems that Users are able to view other people pages with their credntials, even though on every web page initialize , a user context is set based on the logged in session variable.
If there any chance of session variable of one user getting updated/overlapping with users.
Thanks
Srinivasa Raghavan
I have a web site which uses FormAuthentication. After the logging in, i store the user credentials in a Session Variable which is not updated any where in the website. After certain point it seems that Users are able to view other people pages with their credntials, even though on every web page initialize , a user context is set based on the logged in session variable.
If there any chance of session variable of one user getting updated/overlapping with users.
Thanks
Srinivasa Raghavan