> From: Christopher Schultz [mailto:[EMAIL PROTECTED]
> Dave,
>
> > It is very strange. I do not understand how a User object in Session
> > A gets into Session B. It seems that after a session is expired or
> > invalidated, that session is attached to another user's request.
>
> I think what's going on is that you have a global session, instead of
> individual sessions. User A is not seeing User B's session:
> everyone is
> seeing the /same/ session.
I'm going to take a different guess:
- Tomcat reuses session objects rather than allocating a new one each
time;
- You're seeing an artifact of this re-use: an expired session object
has been re-used for a new session.
- Peter
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
