Hi there, We have an app fronted with Apache 2.2.10 with all default apache enabled modules.
Rarely and randomly, we would encounter session swapped among logged in users. Say I have two logged in users in two browsers: A and B. They logged in and each have a unique session cookie. However at random times, a user A web request will end up using user B's session (i.e. A's web request will come back as if user B submitted it), and then from that point on, user A's browser session cookie is changed to that of user B's, where user B continues to have the *same* cookie in his cookie file. Now one can use user A's browser as if user B had logged in on it. Has anyone seen this odd behavior? I have searched around and it looks very similar to this issue: http://httpd.markmail.org/thread/h2lk3oikjlgv24be Any help would be highly appreciated! Thanks!
