Thanks for looking into this Yasser. In the current setup we have, we don't have a cluster, it is the only server handling all requests.
If it is a session crossover we would display another user information without making a login entry. In the cases where we had issue the code recognized that there is no active session and went to the authentication part, authenticated the user and made a database entry for successful login. The authentication is based on the form variables populated by struts into the action class. Thanks, Prasanth On 03/07/2018 01:22 PM, Yasser Zamani wrote: > > On 3/7/2018 7:34 PM, Prasanth wrote: >> I can't say that 2 percent of users were able to get in without >> username/password. As I have ran the JMeter tests a lot of times (each run >> with 100 users). Only during one of those runs of JMeter I >> had 2 requests get users home page when Login.action was requested (with out >> username/password). >> >> Below is the Login.action code. Removed the code that fetches the data for >> home page. > Thanks! I see you use session also. > > Looks like a bug with Undertow web server [1]. I'm not familiar with it > so you may open an issue there and copy paste this thread there. They > may have some idea as it seems they have similar issues with session > which I linked below. > > Good luck. > > [1] > https://issues.jboss.org/browse/JBEAP-6683?focusedCommentId=13340535&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-13340535 > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] >
