tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steve Plate <steve_pl...@yahoo.com>
Subject Re: Duplicate session IDs are *common*
Date Fri, 10 Jan 2003 18:16:45 GMT
I saw another problem that had similar symptoms to
duplicate
session ID's. My application was getting collisions
between different users having the same session ID
using
tomcat 4.0.5. I found that the request headers were
not
being cleared out when they were recycled so that
cookies
from a current request were added to the cookies on
the
previous request. Since only the first JSESSIONID
cookie
is used to obtain the session id both users ended up
with
the same session id. I solved this in my application
by
using rewritten URLs instead of cookies. I was unable
to
find a bug in examining the tomcat code. I did not
check
the mod_jk code.

Steve

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message