> This name for the issue is misleading; this is a state management
> issue combined with a session management issue.
I don't quite agree. Some developers use stateless authentication
methods specifically to avoid the pitfalls of improper session
management (and session token...
> This name for the issue is misleading; this is a state management
> issue combined with a session management issue.
I don't quite agree. Some developers use stateless authentication
methods specifically to avoid the pitfalls of improper session
management (and session token...
[ more ]