Michael,
Thank you so much for your reply. The login page is a JSP page. In the JSP
page, the login form's mothod is post and the action is a struts action.
After login, we did some internal redircts for security checking and then take
the user to the welcome page. The welcome page is generated from XML using
xslt.
We have a FrontController which extends ActionServlet from struts to handle
request and response. I kept very close watching of the requests. I am very
sure that the session has been established on the login page and kept valid
till the welcome's action got invoked and the welcome page got constructed.
After I clicked one of the links on the welcome page, I noticed that when the
FrontController got invoked, the session had became to null. So we lost session
before the next action class get invoked.
We can easier re-create the session object, but we lost the attributes we set
in the last session. The following action classes will need those attriutes.
I am wondering why the session keep valid if I login to the page again without
closing browser. But the session get lost if I open another browser to log in.
And another interesting thing is the session get lost in another place in the
production enviroment.
I am not sure this is a tomcat issue or a struts issue.
Michael, any help will be greatly appreciated.
---------------------------------
Yahoo! Sports
Rekindle the Rivalries. Sign up for Fantasy Football
