Solution : https://service.sap.com/sap/support/notes/1485551 (SAP Service marketplace login required)
Summary :
When developing a JavaServer Faces (JSF) application that stores session state information on the client-side, it is essential to ensure the security of this data. According to SAP guidelines, you must encrypt client-side session state to protect sensitive information. To achieve this, you should modify the `web.xml` deployment descriptor by adding the `com.sun.faces.ClientStateSavingPassword` entry. This entry will specify the use of a password to encrypt the session state, ensuring its privacy and integrity when stored client-side. Use the outlined XML configuration to set your chosen encryption password effectively.
Key words :
string</env-entry-type> <env-entry-, > <env-entry-type>java, <env-entry> <env-entry-, store session state information, clientstatesavingpassword</env-entry-, session state information, >some_password</env-entry-, session state reason, javaserver faces application, terms javaserver faces
Related Notes :
| 1048442 | |
| 864172 | SAP NetWeaver 7.0 (2004s) Documentation |
| 701097 | SAP NetWeaver '04 Documentation |