• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: help - multiple users are getting the same session
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: help - multiple users are getting the same session

  • Subject: Re: help - multiple users are getting the same session
  • From: Chuck Hill <email@hidden>
  • Date: Wed, 15 Dec 2004 10:27:17 -0800
That could very well be the problem.  It might also be webperfcache:
http://www.google.com/search?q=webperfcache&ie=UTF-8&oe=UTF-8


On Dec 15, 2004, at 10:21 AM, Denis Stanton wrote:
I did try to compare the httpd.conf files, but the one on OS X Server is very different from the one on my local OS X test box.
I noticed that the server where the problem occurs has the line
LoadModule proxy-module
The same line is commented
# LoadModule proxy-module
on my test machine where the problem does not occur.

Is this a bit of sneaky sabotage in Apache? If it was this easy to destroy WebObjects' session model I think it would be well known

regards

Denis


Le 04-12-15, à 05:44, Denis Stanton a écrit :

Hi

I've found a serious problem with my WebObjects application. It has been running for over a year, but over the last few days users have been reporting that the login name, which is displayed at the top of the window, is actually someone else's, not the one they entered.

I didn't believe it but now I've visited the client and seen it for myself. It's worse than they said. The users are actually all being given the same session.

When several users log in within a short space of time the first one gets a new session and then the others are given the same session. The results for the application are catastrophic. It handles vehicle reservations with most of the data for a booking being carried in the session class. There are only a small number of users as the application is only used within the company, but when several of the reservations staff are actively editing the same session things get very untidy very quickly.

I have done some simple tracing and found that createSessionForRequest(...) is not being called when a new user accesses the web server with the URL http://myserver/cgi-bin/WebObjects/MyApp.woa. It is behaving as if each new user was supplying a URL including an existing session ID. I suppose this is what happens when cookies are used, but I have not put in any code for cookies.

It does not happen when I compile and run the application in direct connect mode and it does not seem to happen when I test deploy the application through Apache on my development computer. - Mac OS X 10.3.6, WebObjects 5.2.3

It does happen when the application .woa file is copied over to the remote server which is running OS X Server 10.3.6, WebObjects 5.2.3

I don't have exclusive control of the server. Is it possible that the administrator has changed the configurations so it is holding the session ID and giving it out to anyone who asks? When I have tested the login procedure I have used multiple tabs in Safari to login with different names, and then tried multiple windows in Safari. I am assured it happens with multiple separate computers, both Mac and Windows. Most of these computers would be on a LAN sharing a DSL connection to the server which is remotely hosted. I am told that even the small group of staff connecting from another city may find they are sharing the same session.

Has anybody seen this? It seems to have only happened in the last few days, but I can't imagine what has made it possible.

Thank you for reading such a long message.

Denis Stanton


Denis Stanton
email@hidden
Home: (09) 533 0391
mobile: 021 1433622 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
email@hidden

This email sent to email@hidden
Denis Stanton
email@hidden
Home: (09) 533 0391
mobile: 021 1433622
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
village.net

This email sent to email@hidden
--
Practical WebObjects - a book for intermediate WebObjects developers who want to increase their overall knowledge of WebObjects, or those who are trying to solve specific application development problems.
http://www.global-village.net/products/practical_webobjects



_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




  • Follow-Ups:

      

    • Re: help - multiple users are getting the same session

      • From: Brian Costlow <email@hidden>
      • 





References: 


 >help - multiple users are getting the same session (From: Denis Stanton <email@hidden>)


 >Re: help - multiple users are getting the same session (From: Denis Stanton <email@hidden>)






    

  • Prev by Date:
Re: help - multiple users are getting the same session

    • 

  • Next by Date:
Re: help - multiple users are getting the same session

    • 

  • Previous by thread:
Re: help - multiple users are getting the same session

    • 

  • Next by thread:
Re: help - multiple users are getting the same session

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •