How did you manage the session? Are you using container managed security? From your description, it seems that you manage sessions yourself. If that's the case, make sure you create a new session at login and invalidate session at logout ...
Dennis
On 4/22/2004 7:16 AM, [EMAIL PROTECTED] wrote:
The Login page is itself the Homepage of the site.Also try one more thing, on the first access do not use the URL of the login, instead use the URL of the homepage and let it redirect you to the login.
I tried to print the session ID and to find out if the session is new by these statements
System.out.println("session ID "+session.getId()); System.out.println("session isNew "+session.isNew());
For the first time when I entered betform.jsp it gave me session ID BC45E3915B4AC4E188E7E84D1AEC4E15 session isNew false
When I clicked on other links in the same betform.jsp, then it gave me this info session ID 9D0D8E423E875D6ED1D79770B2CB48CC session isNew false
and I was logged out. I logged in again and seen the output. Its session ID 9D0D8E423E875D6ED1D79770B2CB48CC session isNew false
and when I clicked on other links in the same page it gave me the same session ID.
session ID 9D0D8E423E875D6ED1D79770B2CB48CC session isNew false
I am really getting frustated with this Tomcat. Any help would be great.
Thank you, Uma
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
