tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Caldarale, Charles R" <>
Subject RE: realm login and user session are not the same
Date Thu, 21 Feb 2008 17:58:34 GMT
> From: Pierrick Terrettaz [] 
> Subject: realm login and user session are not the same
> When a user logs in through the realm authentification 
> FORM method in the website, the username and login are 
> well checked but the user come in with the session of 
> an other user with roles of this other user.

This is almost certainly a problem in your webapp.  It's usually caused
by storing request- or session-specific references in the wrong scope
(e.g., placing a reference to the current request in a servlet instance
or static field).

 - Chuck

MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message