Author: dan.j.allen Date: 2008-09-20 23:36:42 -0400 (Sat, 20 Sep 2008) New Revision: 9058 Modified: branches/community/Seam_2_0/doc/Seam_Reference_Guide/en-US/Security.xml Log: core:servlet-session should be web:session Modified: branches/community/Seam_2_0/doc/Seam_Reference_Guide/en-US/Security.xml =================================================================== --- branches/community/Seam_2_0/doc/Seam_Reference_Guide/en-US/Security.xml 2008-09-21 03:00:05 UTC (rev 9057) +++ branches/community/Seam_2_0/doc/Seam_Reference_Guide/en-US/Security.xml 2008-09-21 03:36:42 UTC (rev 9058) @@ -1292,7 +1292,7 @@ changes. Just add this line to <literal>components.xml</literal>: </para> - <programlisting role="XML"><![CDATA[<core:servlet-session invalidate-on-scheme-change="true"/>]]></programlisting> + <programlisting role="XML"><![CDATA[<web:session invalidate-on-scheme-change="true"/>]]></programlisting> <para> This option helps make your system less vulnerable to sniffing of the session id or leakage of