I am experiencing a session data crossover issue (immediately after logging on to the application, user A views the session data of user B). I have investigated the issue up to a particular point - by also adding some pertinent logging to the application - and it appears that, while the session is correctly populated with the user data and the servlet/POJO level, *after forwarding to the JSP, the JSP grabs a wrong session....* ??
Please note that this is an application that run for four (4) years now in production, and the problem starting occurring without any change is the session management code of the app... Could it be a caching issue? It happen non-deterministically to *some* users...
The relevant code snippets are as follows:
THANKS!!! [ May 25, 2007: Message edited by: Paul Clapham ]
I face a similar problem. My research on this issue till now has just lead to a discovery of a property called "DebugSessionCrossover" in Websphere. This is a custom property which needs to be set to "true" in the webcontainer custom properties. This will help in detecting a session crossover(which is normally not a very consistent problem to reproduce). It provides a log in the systemout.log with the stack trace of the thread which is causing the fault.
I have not solved the problem yet, but this could be the first step towards the solution. Anyone who has a tip or solution, please help me.