For some business web application in the future I would like to use this constellation :
- using https
- using stateless authentication
I read much about web site security and I'm worried about the fact, if this is a secure combination.
Can you help me to get a recommendation ?
Is there a kind of trap I will fall into ?
Thanks for your evaluation (and the appropriate arguments).