Hi, I have searched the tomcat bug list, and have found a few references where people are having doubts over the integrity of their HttpSessions.
We have a system where we use the session object to store RMI references which identify the user to a backend system. We have reason to believe that under load, sometimes a jsp page retrives the wrong session object, i.e another users session object. We are using tomcat 3.2.3 Final Release with jdk 1.3.01-beta24 on Solaris 8 (Sparc) with Apache 1.3.20 (mod_jk and ajp13). Has anyone else exprienced a similar problem ? Thanks Shahed.
