On 19/01/11 13:02, IGnatius T Foobar wrote:
>Even after you explicitly log out of one of the accounts? What does
>"logout" mean in such a case? Is the message requested in the context of
>the logged-out account, or the new logged in account?
Try it again now; it *should* theoretically act like "any other web site"
at this point. If you log out from one window, the session should be logged
out and the other window should reflect that as well.
Thanks; I'll try it.
But, to be clear, as I think I failed to be clear:
window-1 was logged in as user-1
window-2 logged out as user-1 and logged in as user-2
window-1 could still read messages from user-1
window-2 could still read messages from user-2
So the same browser had read-access to two different accounts at the
same time.
I don't see how each browser was routing to a different webcit->citadel
session so it suggests that a session was reading messages that did not
belong to the logged in user.
That's a different problem to logout plain not working.
Sam
