Hi, > I think that this can be done because the proxy is returning a cached page > from another user. Because the request has the same URI from every user > (as long as I can see). The request URI does not have info about sessions.
If you are behind a proxy maybe you can configure it not to cache urls at http://internalserver:8080/theapp/. Or it helps if you do response.setHeader("Cache-Control", "No-Cache"); yours Christoph Gaffga [EMAIL PROTECTED] ----- Original Message ----- From: "Antonio Gallardo" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, November 30, 2002 9:32 AM Subject: [Authentication] - Generate javascript using XSP > Hi Cococoners! > > I am currently an application that is currently running on a test mode > with a small amount of users (20) in a Intranet environment. With the > following characteristics: > > The application is running behind a proxy. > The app use the authentication framework. > The app have a page called welcome that show the current user. > > I am currently having problem with session management: > > The users told me that sometimes when they are already authenticated and > request the welcome page, the response present another user. > > The page is called with http://internalserver:8080/theapp/welcome > > I think that this can be done because the proxy is returning a cached page > from another user. Because the request has the same URI from every user > (as long as I can see). The request URI does not have info about sessions. > But I read in the book from Carsten and Mathhew on page 303 (second > paragraph from the end): > > "The default is usually to use cookies, because the developer of the web > application does not need to do anything special to use them. ..." > > Please Dont let me wrong. I now that the problem is caused by me. :-D > > The menu of the application is a static Javascript file served with a > reader. This file hs no info about sessions. Now I realized that in order > to "set" a session into the request I need to include a parameter with the > SessionID for every request. I does not include it before because the > quote above. > > With this scenario my questions is: > > How I can ensure that every request URI from the user will have the > SessionID included or use the default cookies? > > For me this is not a trivial question, because: > > I thinked first: "OK, I will generate the menu.js on ther fly using XSP." > > But after think a while I realized that this issue will fall again in the > same category as the http://internalserver:8080/theapp/welcome explained > above. :-( > > Please tell me what can I do? > > I am currently thinking in calling the menu.js with the sessionID too. > > This will work or there is another easier way to do that? > > Many thanks in advance, > > Antonio Gallardo. > > > > > --------------------------------------------------------------------- > Please check that your question has not already been answered in the > FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> > > To unsubscribe, e-mail: <[EMAIL PROTECTED]> > For additional commands, e-mail: <[EMAIL PROTECTED]> > --------------------------------------------------------------------- Please check that your question has not already been answered in the FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> To unsubscribe, e-mail: <[EMAIL PROTECTED]> For additional commands, e-mail: <[EMAIL PROTECTED]>