We just had an extremely odd incident occur in our production environment, and I am hoping the scenario sounds at least familiar to someone. I'm having a fairly difficult time coming up with a good search string, so please excuse me if this is a known issue. This afternoon, we have a number of users in a variety of secure webapps deployed on Tomcat 5.5 on one particular production server (Red Hat Enterprise; we have three servers in this group behind load balancer). At 2:25:04, one of them requests a page in webappA, say something like /webappA/thisaction.act?param=1¶m=2. About 45 seconds later, another user requests a page in webappB, say /webappB/another.act?field=4&field=3. In between the two requests, there are probably 200 or 300 others, made by a variety of users, again, in a variety of other webapps. Here's the nutty part: The second user, instead of seeing the page they requested in webappB, sees the page displayed to the first user, from webappA. (The second user actually had the presence of mind to snap a screenshot and send it to us.) Looking at the Apache access logs verifies what was supposed to have happened and shows the requests fulfilled correctly. As far as I know, none of the other users who requested pages between the two users saw the wrong page. Nothing out of the order shows in the Tomcat logs, either. The only thing a little unusual about the second user's request is that it displays in a JS popup window (which is partly why the screen shot illustrates the problem very clearly). I'm thinking this has got to be some kind of cache issue, though I'm confounded by the fact that it's across webapps/contexts. there's nothing unusual about the JSessionIDs, so that's not it. If anyone has ideas, I'd be very grateful. Thanks, Teresa
