Msg#: 3830023 posted 7:29 pm on Jan 19, 2009 (gmt 0)
How to keep a user authenticated when the session id is tied to the IP address he/she had when logged in - and that is changing during the session?
Although tying a session to one IP address has a reasonable level of security, there are too many users in the site I manage right now showing IP changing during a session (whatever is the reason, and there are many). So I'm looking for alternatives to keep the good level of security in user session without applying the IP address restriction. Does anyone have suggestions?