Are you storing/defining these user details outside the doPost or doGet
methods of any of the servlets used to access them?
the only way that these details will (should, could) be shared across
different user sessions are if the session hasn't been properly
invalidated or cleared, and the user logs in at the same machine, or if
you've defined or stored them in a static variable or variable outside
of the threaded methods used to access and manipulate them.
private String username;
doGet(...) throws ... {
// do stuff with 'username'
}
Timothy Collett wrote:
> On Jul 21, 2006, at 9:50 AM, Dave wrote:
>
>> Hi Tim,
>>
>> It is very strange. I do not understand how a User object in Session
>> A gets into Session B. It seems that after a session is expired or
>> invalidated, that session is attached to another user's request.
>> Just one guess.
>>
>> Please share more when you find anything.
>
> Well, one thing I can remember from my previous experiments is that it
> wasn't invalidated sessions--it was current sessions. Also, I was
> primarily using JSPs (which, from my understanding, are essentially
> compiled into servlets), rather than Faces, so I can access the request
> directly.
>
> I believe what I did was something like the following:
>
> Log in with User A
> Log in with User B
> Do something with User A
>
> At this point, User A had User B's username, and if User B had switched
> from live to test data, User A would have been bumped to test, as well.
>
> When I have some more time, I'll re-run the experiments and confirm this.
>
> Timothy Collett
>
> --
>
> "Reality is merely an illusion, albeit a very persistent one "
> --Albert Einstein
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
