I recently run into https://issues.apache.org/bugzilla/show_bug.cgi?id=49417 and it reminded me of your case, so take a look, perhaps it's related (assuming the getLocale() change you mentioned didn't help)
In short, that bug report mentions: "when you use mod_proxy to connect to a backend tomcat server and apache is configured to timeout before tomcat, a connection to the backend tomcat server is placed back into the pool of existing connections with what ever data that was destined to the original caller waiting to be retrieved by the next caller to take this connection from the pool. In our application which is statefull, this lead to customer's sessions crossing and customer A saw customer B's data." On Sat, Feb 5, 2011 at 13:48, Pepijn Schmitz <capt...@chaos.demon.nl> wrote: > Hi Koka, > > Yes, we use it for every request. The application is not even reachable over > port 80. :-) > > It seems we found the problem though. It looks like it was caused by > overriding getLocale() in our page base class, although I'm not sure the > problem is 100% gone now, and I don't fully understand how that caused the > problem in the first place. We're still waiting for a busy day to know for > sure that the problem is gone now... > > Kind regards, > Pepijn Schmitz > > On 03-02-11 07:25, Koka Kiknadze wrote: >> >> As your problem persists I dare to get back to my initial response. You >> said >>> >>> We're already using HTTPS >> >> Usually HTTPS is used only at the authentication page. Are you sure you >> have >> tested it with HTTPS for every single page? >> > > > -- Andreas Andreou - andy...@apache.org - http://blog.andyhot.gr Tapestry PMC / Tacos developer Open Source / JEE Consulting --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
