All,
Looking at bug 10526 (http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10526) the patch below is proposed as the fix. Is there any reason not to apply it? I had a look at the spec for both sessions and authentication and couldn't see anything that would prevent it.
This could have some benefits in some situations, but I don't like the fact that there will be one session per authenticated user, regardless of what the application does.
Rémy
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
