Hello everybody,
I still have many problems to manage my session tracking... I work on an intranet
portal using NT4 / IIS / Resin 1.1. When the user logs on, an instance of User class
is instanciated, with the user's configuration, and this instance is stored in the
session. It looks like that :
<%
HttpSession sess = req.getSession(true);
MGUser mgUser = new MGUser(cookieCode, req.getServerName());
sess.setAttribute("sessionMGUser", mgUser);
%>
Then, at the top of every page, the User object is retrieved with :
<%!
MGUser mgUser;
HttpSession sess;
%>
<% sess = request.getSession(false);
if (sess==null) response.sendRedirect(AUTH_FORM_URL);
mgUser = (MGUser)sess.getAttribute("sessionMGUser");
%>
This seems to work fine, but...
when the user logs out, or kills the browser, and another user tries to log in,
the second user retrieves the first one's configuration !!!
Well, I have noticed that a JSESSIONID cookie was set by the server to track the
session, but even when I clear (overwrite) this cookie, the problem is not solved.
Can anybody explain me how to efficiently manage sessions ?
Regards,
Franck
���`����,��,����`����,��,����`����,��,����`����
FRANCK RAGEADE
Skill Group e-Business
SBA 67 - France & Abroad
Cap Gemini France - Division Rh�ne-Alpes
11, Chemin des Pr�s
ZIRST 4403
38944 Meylan , France
LoginId: frageade
Email: [EMAIL PROTECTED]
Phone: +33 (04) 76 76 47 65
Fax: +33 (04) 76 41 24 61
���`����,��,����`����,��,����`����,��,����`����
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
