Hi Jeffery
Check what else they have open when they access your application. There could
be another J2EE application that does not scope it's session cookies correctly.
We have had ongoing problems with SAP portal servers scoping session cookies
across our whole domain, rather than scoping to the server they are running on.
When this happens, you get a session that does not belong to you. Ask them to
browse their cookies and tell you the scope (there are many Firefox plugins
that will make this easy).
Personally I think it is a shortcoming of the J2EE Servlet specification - all
session cookies are named JSESSIONID. This is not honoured by some IBM
products, but Tomcat adheres faithfully to the spec.
Regards
Ron
----- Original Message -----
From: Jeffrey Janner
To: Tomcat Users List
Sent: Wednesday, February 24, 2010 11:48 AM
Subject: RE: Session id is invalid occurs randomly
******************************* NOTICE
*********************************
This message is intended for the use of the individual or entity to
which
it is addressed and may contain information that is privileged,
confidential, and exempt from disclosure under applicable law. If the
reader of this message is not the intended recipient or the employee or
agent responsible for delivering this message to the intended
recipient,
you are hereby notified that any dissemination, distribution, or
copying
of this communication is strictly prohibited. If you have received
this
communication in error, please notify us immediately by reply or by
telephone (call us collect at 512-343-9100) and immediately delete this
message and all its attachments.
------------------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
