On Fri, 25 Aug 2000, Curtis Maloney wrote:
> I'm using FSSession to store login details about visitors to our site. It
> is important that users only be able to see their own data (of course).
> Today, however, I find out that some mistakes have been happening. People
> are finding themselves logged in when they haven't yet, and others finding
> they're logged in as someone else. This is, obivously, a problem.
> I cannot see how this could be happening, since the Session ID is stored in
> a cookie, which should be unique to the client.
> I am using:
> Zope 2.1.6 on Solaris 2.7
> FSSession 0.4.0
Some internal testins has shown that is User A logs in with IE, and User B
opens the page fresh (from another machine) they will be logged in as User A.
But if User A logs in with NS, this doesn't happen.
I am really confused as to what's going on....
My only thoughts are that FSSession is perhaps getting confused by Apache,
but surely it would re-issue the same Session ID the request came in with?
Zope maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -