-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hisham,
On 8/24/2010 10:30 PM, Hisham wrote: > Jason, you're right in that the tabs i was referring to were tabs > within my application. I will verify tomorrow whether the domain is > different, but i seriously doubt it. I have a few other things you could check out: 1. Are you using cookies? If you don't properly encode all the URLs in your webapp, you could be losing session information when cookies are /not/ being used. It sounds like you are using cookies, though, given your statement about using Firebug to read the headers en route. 2. Even if your session id is okay, are you dumping the value of the "test attribute" for the session? Even though you aren't removing it, that attribute might have been damaged by something else. 3. You could write another filter that wraps your HttpSession when requested by the webapp and reports all modifications to it (that is, calls to setAttribute/removeAttribute/setValue/removeValue). 4. Any reason not to use the container-managed login and session management? Tomcat can take care of all this logic for you... - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkx1GxQACgkQ9CaO5/Lv0PBChACfSn30308mX8fTcYDPFGnOHYYZ JlMAoIZ/d8ZpiJRwc+94pbwfDZAiaQWT =EiKI -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org