Thanks for the help, the problem was in my programming, I used global
variables to store user information and when two users trying to log into
same instant, both sessions take erroneous data.
Thanks again for help
2013/11/13 Terence M. Bandoian tere...@tmbsw.com
On 11/11/2013 3:58 PM,
On 11/11/2013 3:58 PM, Christopher Schultz wrote:
Terrence,
On 11/11/13, 4:31 PM, Terence M. Bandoian wrote:
On 11/11/2013 2:29 PM, Jose Irrazabal wrote:
Thanks for the reply
I generate the session in a servlet in doPost method that would
be:
protected void doPost (
Hi All,
I use Apache Tomcat/7.0.29 to deploy my applications, and I'm with a
problem of duplicated user session or something, as uncertain occurs when a
user adquire a session takes of another user and I reported 3 cases of this
type of security error.
I need your help to know how the JSESSIONID
On 11/11/2013 11:54, Jose Irrazabal wrote:
Hi All,
I use Apache Tomcat/7.0.29 to deploy my applications, and I'm with a
problem of duplicated user session or something, as uncertain occurs when a
user adquire a session takes of another user and I reported 3 cases of this
type of security
Thanks for the answer, then it can be when generating the session?
I use a servlet to create the session with the code:
*HttpSession session = request.getSession ();*
Then I add the attributes:
*session.setAttribute (idUser p_iduser);*
* session.setAttribute
With this code, you're not *creating* a session, you're retrieving the
session that the user has connected with (request.getSession()).
Usually this king issue occurs when the variable session is stored
with an inappropriate scope, so that it is accessible from more than one
class instance.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jose,
On 11/11/13, 8:24 AM, Jose Irrazabal wrote:
Thanks for the answer, then it can be when generating the session?
I use a servlet to create the session with the code: *HttpSession
session = request.getSession ();* Then I add the attributes:
Thanks for the reply
I generate the session in a servlet in doPost method that would be:
protected void doPost ( HttpServletRequest request , HttpServletResponse
response)
throws ServletException , IOException {
*/ / create the session*
HttpSession session = request.getSession ( ) ;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jose,
On 11/11/13, 3:29 PM, Jose Irrazabal wrote:
I generate the session in a servlet in doPost method that would
be:
protected void doPost ( HttpServletRequest request ,
HttpServletResponse response) throws ServletException , IOException
{
On 11/11/2013 2:29 PM, Jose Irrazabal wrote:
Thanks for the reply
I generate the session in a servlet in doPost method that would be:
protected void doPost ( HttpServletRequest request , HttpServletResponse
response)
throws ServletException , IOException {
*/ / create the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Terrence,
On 11/11/13, 4:31 PM, Terence M. Bandoian wrote:
On 11/11/2013 2:29 PM, Jose Irrazabal wrote:
Thanks for the reply
I generate the session in a servlet in doPost method that would
be:
protected void doPost ( HttpServletRequest
11 matches
Mail list logo