struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "McDowell, Paula" <Paula.McDow...@SUG.com>
Subject RE: Session Data overlap?
Date Sat, 31 May 2008 14:17:33 GMT
My thoughts too, but this is when the sharing begins displaying the data
from another user's session.  Not realizing it is NOT their account
information they proceed with submitting the form for an update.  For
example, pay bill.  Without looking at the account information on the
screen, the user assumes that since they authenticated with their user
id and password that it is THEIR account information being displayed, so
they continue with entering payment information and submitting the form.
Originally, it was the account stored in session, but at some point, for
example when the pay bill page displayed, it was using the account
object from another user's session.

I'm not sure why we are having the issue of session data being shared.
I'm resorting to finding someone who has either seen something similar
or can recommend a workaround.

Any suggestion at this point will be extremely helpful!

Paula

-----Original Message-----
From: news [mailto:news@ger.gmane.org] On Behalf Of Laurie Harper
Sent: Thursday, May 29, 2008 5:59 PM
To: user@struts.apache.org
Subject: Re: Session Data overlap?

That wouldn't be an issue, in and of itself; it's normal usage. What 
makes you think that's the source of the problem?

L.

McDowell, Paula wrote:
> There are session variables that are used in the jsps to display the
> account information.  I think it's here where the problem lies, but
I'm
> not sure why.  Here is an example of the account session variable
being
> used on the page.  Any thoughts as to why this would be an issue?
> 
> Thanks,
> Paula
> 
> <tr>
> 	<td>
> 		<c:out value="${account.custName}" />
> 	</td>
> </tr>
> 
> -----Original Message-----
> From: Dave Newton [mailto:newton.dave@yahoo.com] 
> Sent: Thursday, May 29, 2008 10:38 AM
> To: Struts Users Mailing List
> Subject: RE: Session Data overlap?
> 
> --- "McDowell, Paula" <Paula.McDowell@SUG.com> wrote:
>> Thanks.  I don't have any static variables. . . I'm assuming you are
>> speaking of the contextRelative attribute on forwards?  If not,
>> please explain actions defined as Context-level.
> 
> I think he was asking if your actions have any member variables that
> shouldn't be shared across requests/sessions/etc.
> 
> Dave
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
> 
> 
> Private and confidential as detailed here:
http://www.sug.com/disclaimers/default.htm#Mail . If you cannot access
the link, please e-mail sender.


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Private and confidential as detailed here: http://www.sug.com/disclaimers/default.htm#Mail
. If you cannot access the link, please e-mail sender.

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message