You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by David Rocks <da...@connecti.net> on 2003/04/04 13:42:18 UTC
HttpSession not exclusive to one client. Seems to be getting mixed up. swapping over.
We have a JSP/Struts application that runs on tomcat. We developed the system on windows and deployed on solaris.
When a user logs on to the system we store a UserValueObject on the session so that the code knows who it is dealing with. The problem is that on solaris the sessions attributes are not staying with that client. If i log on it might randomly take on the session of another user logged on and get the wrong attributes from that session. user1 turns into user2.
We have a struts action class that sets the user to the session, here is the code.
HttpSession session = request.getSession();
UserValueObject user;
UserManagerHome userManagerHome = remoteFactory.getUserManagerHome(); // session home bean
UserManager userManager = userManagerHome.create(); // session bean
if (userManager.isValidUser(username, password)) {
user = userManager.getUser(username);
// Save logged-in user in the session
session.setAttribute("user", user);
}
Am i doing something wrong in the code. Should i be doing something more? It works perfectly on windows 2000 which makes it all the more confusing. My tomcat is 3.3.1. Is there a config option i missed?
Any help or insight would be brilliant.
David Rocks
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: HttpSession not exclusive to one client. Seems to be getting mixed up. swapping over.
Posted by Bill Barker <wb...@wilshire.com>.
This is a known problem with TC3.3.1. See
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15894 for more details.
The fix is to use TC3.3.2-dev (aka nightly).
"David Rocks" <da...@connecti.net> wrote in message
news:24B2AF0F748C8A4BB4F38B6842B2A03605961E@connecti-03.connecti.ltd...
We have a JSP/Struts application that runs on tomcat. We developed the
system on windows and deployed on solaris.
When a user logs on to the system we store a UserValueObject on the session
so that the code knows who it is dealing with. The problem is that on
solaris the sessions attributes are not staying with that client. If i log
on it might randomly take on the session of another user logged on and get
the wrong attributes from that session. user1 turns into user2.
We have a struts action class that sets the user to the session, here is the
code.
HttpSession session = request.getSession();
UserValueObject user;
UserManagerHome userManagerHome =
remoteFactory.getUserManagerHome(); // session home bean
UserManager userManager = userManagerHome.create(); // session
bean
if (userManager.isValidUser(username, password)) {
user = userManager.getUser(username);
// Save logged-in user in the session
session.setAttribute("user", user);
}
Am i doing something wrong in the code. Should i be doing something more? It
works perfectly on windows 2000 which makes it all the more confusing. My
tomcat is 3.3.1. Is there a config option i missed?
Any help or insight would be brilliant.
David Rocks
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org