|
| Problem | Debugging a problem with one user seeing HttpSession data belonging to another user. | | Cause | One common cause of one user seeing HttpSession data belonging to another user occurs when a PrintWriter or a HttpServletResponse gets stored on a bean (or other object) that is eventually stored either on a session or in a globally (servlet level) accessed variable.
Another cause of this problem is the use of <%! ... %> in a JSP to declare variables. The proper use for the vast majority of applications is <% ... %> (no ! mark). The ! causes variables (and methods) to be declared at the Servlet level and shared across all requests for that JSP. Without the ! mark, variables are declared at the service() method level - private to each new incoming HTTP request. | | Solution | - Check your application code to ensure you are not storing a PrintWriter or HttpServletRespone within a session object.
- Check your JSPs to ensure you are not declaring variable using the following format: <%! ... %>. If you are, remove, the "!".
| |
| | |
| |
|
Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, Sessions and Session Management Operating system(s): AIX, HPUX, Linux, Multi-Platform, Solaris, Windows Software version: 3.5, 4.0, 5.0, 5.1 Software edition: Advanced Reference #: 1175500 IBM Group: Software Group Modified date: 2004-07-29
(C) Copyright IBM Corporation 2000, 2004. All Rights Reserved.
|