Suppose i have two systems in same network,and cookie is disabled in both system browser. Now i am trying to Login to online server. Here if i am saving session using session id on server-side How will it differentiate that which user has logged-in in which browser?
if i am having <form> on all the pages i can pass session id as hidden field. But it's not necessary to have a <form> in all the pages, so how to change the url in this case.
If i am using get it can be dangerous, any one can get the user details by tracing the url.
So how will it work?