Btw, Jason, I have verified that the domain is the same. -h
On Wed, Aug 25, 2010 at 9:55 AM, Hisham <mohis...@gmail.com> wrote: > Chris, thanks for your reply! > >> 1. Are you using cookies? If you don't properly encode all the URLs in >> your webapp, you could be losing session information when cookies are >> /not/ being used. It sounds like you are using cookies, though, given >> your statement about using Firebug to read the headers en route. > > I'm not using any cookies. Also i want to stress the fact that the > app works fine in my local environment. > >> 2. Even if your session id is okay, are you dumping the value of the >> "test attribute" for the session? Even though you aren't removing it, >> that attribute might have been damaged by something else. > > I've looked everywhere, and unless i missed something i don't think > this is the issue. > >> 3. You could write another filter that wraps your HttpSession when >> requested by the webapp and reports all modifications to it (that is, >> calls to setAttribute/removeAttribute/setValue/removeValue). > > How would I go about doing this? Is there a particular filter that > listens to attributes being changed? > >> 4. Any reason not to use the container-managed login and session >> management? Tomcat can take care of all this logic for you... > > Will eventually move to this, you're right. I am using Spring so will > use Spring security/Acegi. > > -h > > > > On Wed, Aug 25, 2010 at 9:31 AM, Christopher Schultz > <ch...@christopherschultz.net> wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Hisham, >> >> On 8/24/2010 10:30 PM, Hisham wrote: >>> Jason, you're right in that the tabs i was referring to were tabs >>> within my application. I will verify tomorrow whether the domain is >>> different, but i seriously doubt it. >> >> I have a few other things you could check out: >> >> 1. Are you using cookies? If you don't properly encode all the URLs in >> your webapp, you could be losing session information when cookies are >> /not/ being used. It sounds like you are using cookies, though, given >> your statement about using Firebug to read the headers en route. >> >> 2. Even if your session id is okay, are you dumping the value of the >> "test attribute" for the session? Even though you aren't removing it, >> that attribute might have been damaged by something else. >> >> 3. You could write another filter that wraps your HttpSession when >> requested by the webapp and reports all modifications to it (that is, >> calls to setAttribute/removeAttribute/setValue/removeValue). >> >> 4. Any reason not to use the container-managed login and session >> management? Tomcat can take care of all this logic for you... >> >> - -chris >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.10 (MingW32) >> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ >> >> iEYEARECAAYFAkx1GxQACgkQ9CaO5/Lv0PBChACfSn30308mX8fTcYDPFGnOHYYZ >> JlMAoIZ/d8ZpiJRwc+94pbwfDZAiaQWT >> =EiKI >> -----END PGP SIGNATURE----- >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
