We are running CAS 3.6 with tomcat 8 and in some instances when 2 users are logging in user A is logged in as User B on the client application. So the session information for the first user ends up being used. We noticed that in the tomcat access logs both users shared the same Jsessionid. It appears that a unique Jsessionid was not generated for the second user when they arrived on the login page. Has anyone encountered a similar issue? If so any suggestions. Thanks! ___________________ Juan Quintanilla jquin...@fiu.edu<mailto:jquin...@fiu.edu> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/MWHPR05MB28148A5469C89AAF6F4B1DA786020%40MWHPR05MB2814.namprd05.prod.outlook.com.