You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2002/11/17 12:17:57 UTC

DO NOT REPLY [Bug 14625] New: - Session Problem

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14625>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14625

Session Problem

           Summary: Session Problem
           Product: Tomcat 4
           Version: 4.0.3 Final
          Platform: PC
               URL: http://www.banksiel.it
        OS/Version: Windows NT/2K
            Status: NEW
          Severity: Critical
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: m.ratto@banksiel.it


This is the problem:
1) Login Page (index.jsp) where the user must to write user and pass.
2) An Authentication Servlet that verify user/pass on a DB. And if it is all 
correct, create a new session, add an object on the session with all the 
information of the user (first name, last name, address, ecc.)
3) homepage.jsp that open 3 frame (top.jsp, menusx.jsp and main.jsp)
4) The main.jsp refresh the top.jsp for writing some information about the user 
on thw browser (first name, last name).

If two person login in the same time (< 1"), one take the same sessionID of the 
first and so the page "top.jsp" shows the same data.After, the session for the 
second person is corrupted.

If someone wants verify this, this is the url:
http://expertaweb.banksiel.it/index.jsp

Note that this problem is only with Windows 2K, with Linux Red Hat 7.3 or 8.0 
or AIX or with Application Server (Bea, Oas for example) there is not!

Thanks
Marco

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>