Today I deployed an application based on Wicket 1.3.3 that has close to 10.000 users. After a couple of hours we started getting reports
from users saying that even upon requesting the login-page, they were already logged in as an arbitrary user.
The users they were logged in as had previously performed a succesful login.
It seems like the wicket-sessions bleed over between different http-sessions. I tried changing from HybridUrlCodingStrategy to mounting the
pages with the normal mountBookmarkablePage() method, but the results are the same. I also tried downgrading to 1.3.2 with the same results.
Can anyone think of a logical mistake I might have made?
Sincerely,
Edvin Syse
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
