> From: Pierrick Terrettaz [mailto:[EMAIL PROTECTED] > Subject: realm login and user session are not the same > > When a user logs in through the realm authentification > FORM method in the website, the username and login are > well checked but the user come in with the session of > an other user with roles of this other user.
This is almost certainly a problem in your webapp. It's usually caused by storing request- or session-specific references in the wrong scope (e.g., placing a reference to the current request in a servlet instance or static field). - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
