hi, in my application, i handle the user login using session. if the user login successfully, i will add an session attribute "id" for the user name. eg:
and when the user logout, i will have the attribute removed... but i read in some books they said that creating too many session will occupy memory of the server, and i was thinking, does this means it is not a good practice??
can any experts kindly drop some tips/hints or links that might help me in designing the login/logout for my application.. tks