I'm using "org.apache.catalina.authenticator.SingleSignOn" for single sign on with container-based security.
I have a question about session time outs. When the session for a given application times out, if a user attempts to access the application after the session has timed out, the user should have to login again, correct? According to the documentation, this is the case. However, I'm finding that it intermittently lets you continue before going to the login page. i.e. the user can still access the pages, but, the session is cleared. Has anyone else notices this? I'm wondering if this is a bug. Jon --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]