Hi guys, Can somebody give me advice on how secure the built-in Java Servlet Session Management is, e.g. how easily session Ids can be forged, assuming that SSL is used. Cheers, Dominik