I've been experiencing some session bleed across accounts (several instances of users crossing over into other users' sessions, and being able to see other users' accounts). And while investigating that (by the way, has anybody else run into this?), I've noticed that the database in which I keep my sessions has several duplicate session keys.
So, my main question is -- is this by design, or is something wrong? When you store sessions in database (using session.connect - to MySQL in this case), are there supposed to be duplicate entries with the same uuid/session key? Would it benefit me to put in a unique constraint on the unique_key db column? A little more about my setup: web2py version 1.67.2 running behind Apache/WSGI, load balanced across 3 servers. (Hence why I'm keeping sessions in a db rather than on disk). Sessions being stored in a MySQL db. -- You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to web...@googlegroups.com. To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/web2py?hl=en.
