Dave, > I am using JSF (apache faces). The way to get Session or > HttpServletRequest from a backing bean is through FacesContext. > Backing beans are not servlet, so can not access HttpServletRequest > directly. > > After synchronizing the method, I still got the same problem.
Synchronization is not the problem: the lack of any identifying piece of
information is the problem. You have to have a way to identify which
user you are working with in order to get the session.
> public static HttpSession getHttpSession(boolean create) {
> FacesContext context = FacesContext.getCurrentInstance();
> return (HttpSession)context.getExternalContext().getSession(create);
> }
There is no information about the user, here. How does
FacesContext.getSession know which session to get?!
> It is in production stage and users are starting to use it. I am very
> nervous.
You certainly cannot think about going live with such a bad bug. What is
the product?
-chris
signature.asc
Description: OpenPGP digital signature
