This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I have implemented a web application, using JSPs and servlets, that runs in a tomcat server. It works with differents databases, using JDBC connections.
I have noticed that there is a "session swaping". Sometimes, a user that is working with one JSP retrieves data from other user's session, even if they are working with differents databases.
I have looked for something similar in google. There were only a few references, and they usually point to a memory problem.
Since I have changed the Tomcat configuration, the number of cases has decreased, but the problem is still persisting. The changes consisted in adding an executor and increasing the value of maxThreads in server.xml.
I thought that it could be a Tomcat's bug, but I am not sure. Some of the JSPs and servlets have static methods. Could it be the reason of the problem?
Although this is my first post, I have visited this forum many times.
Neither have I heard about this. It is very strange. In fact, I couldnt believe it until I have seen it by myself.
I was testing my web application to correct some errors. I have just invoked a servlet to retrieve data from a customer, called "A", (from data base number one), but the information recovered belongs to other, called "B" (from data base number two). At the same time, other user was working with customer "B" in database two, with the same JSP.
The number of users that are connected is not very high.
In my JSP I have instanced several variables and objects, to recover some auxiliar data from database.
First of all, there should be no Java scriptlets in modern JSP. That's a poor practice that has been discredited and obsolete for more than 10 years. Modern JSPs should use the JSTL and EL in place of Java code.
Secondly, instance variables should be avoided because they will be shared across multiple threads. Data should not be stored in instance variables. If the data is specific to a request, store it in request scope. If it's specific to a user, store it in session scope. If it's to be shared across the application, store it in application scope.
Joined: Jan 11, 2013
Yes, I have read about it in google. You are right: it was a thread safe issue. At last, I have found the problem.