> No proxy. Also rt is served over https. The session is really changing user > because when trying to do something that user A has access to I get > permission > denied due to B/C not having that access. > > Something else is going on.
* Can you capture the cookies on User A, User B, and User C's systems for each HTTP hit to see if 1) they change and 2) they are the same? A tool like the firefox developer toolbar is an easy way to do this. * Did this also happen with 3.8.5? There's a change to session handling in 3.8.6. _______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com