struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yasser Zamani <yasserzam...@apache.org>
Subject Re: Struts2 login action class seems to be reused
Date Thu, 08 Mar 2018 09:13:50 GMT


On 3/7/2018 11:23 PM, Prasanth Pasala wrote:
> If it is a session crossover we would display another user information without making
a login entry. In the cases where we had issue the code recognized that there is no active
session and went to the
> authentication part, authenticated the user and made a database entry for successful
login. The authentication is based on the form variables populated by struts into the action
class.

Ahaa... so, currently the only thing I can imagine is maybe this issue
raises up when you have two simultaneous requests: one with
username/password parameters, the other without (and both without any
active session). Could you please verify this with a lot of such pair
simultaneous requests using JMeter? i.e. create two simultaneous
requests, one of them contains username/password, the other one does
not. Add an assertion to the other one which checks if issue occurs.
Then tell JMeter to run this pair a lot of times, concurrently.

I hope you'll be able to reproduce the issue which is the half of the
resolution :)

Regards.
Mime
View raw message