• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Problem with session information

 
Gary Deromedi
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I have an app using servlets. The problem is I let a user log in to make changes to the information or update/add a new record to the database. I read her user id and give her supervisor control. So lets say she is in there making changes. Ok another person logs in (not a supervisor) to view records (not necessarily the same record). Well when the first person (supervisor) goes to save the record it won't let her because it has the permissions of the last person logged in who doesn't have the right to change records. How can I stop this? Is there something in the session attributes causing this? I print out who is logged in at the moment she goes to save and it shows the supervisor's name but won't let her save. Any ideas? Thanks
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
because it has the permissions of the last person logged in


What is "it".

Are you managing user rights at the context (application) level?
 
David O'Meara
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sounds more like a thread safety problem caused by instance variables.

Gary, do you have any instance variables in your servlet?
 
Afroz Ahmed
Ranch Hand
Posts: 64
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It may be problem with thread issues.I think you are using local variable for user name and instance variable for the user authorizations (right to change).Instance variables are not thread safe.Use local variable instead.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic