tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Terence M. Bandoian" <tere...@tmbsw.com>
Subject Re: Sessions
Date Thu, 28 Jun 2007 06:21:33 GMT
Hi-

Are both users accessing the web application from the same computer?

-Terence M. Bandoian
 terence@tmbsw.com

> Hi:
>
> Thanks David, Chris and Martin for the responses. I appreciate them.
May be I didn't explain the
situation properly in my posting. I will try to explain better -
>
> The application has pretty decent authentication mechanism that
differentiates between users,
roles and permissions etc. What the application need to maintain is user
object information
specifically - name, role, dept - to be used across other pages of the
application. Since we are
using session as datum -  after 2nd user logs in ... the 1st user object
is overwritten with 2nd user
information. This creates problems specifically while logging out. In
the application we are making
sure that only one user login is allowed per user. This also complicates
when we are attempting
to create audit log of the user operations. Even though an operation is
performed by the 1st user
the audit log registers it as the operation performed by 2nd user. This
messes up the whole point
of creating audit logs.  Also, for the question of Chris - there could
be a need for two different
users with different roles could try to login and that is when we are
having this problem. Thanks
again for the feedback.
>
> regards,
> vasu


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message