tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: how to invalidate old sessions when new user access appl on same machine
Date Fri, 19 Dec 2008 12:05:54 GMT
Vishnu Vardhana Reddy wrote:
> hi all,
> 
> I am using Mozilla browser to access my web application.User one access my
> application using his credentials .but i left that browser open.after that I
> am opening the another Mozilla window and accessing my application using
> different credentials ex:user2 credentials .user 2 also can access my
> application.but when i open the first browser ..am automatically getting
> second user session.how can we avoid this problem.
> 
Well, user1 should not leave his window open when he goes off to drink a 
coffee.  That's basic security.  After all, you do not leave your 
bank-card in the cash machine for the next user, or do you ?



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message