Look for static variables on your code too, they may be erroneous sharing
values between session.
On Fri, Jan 8, 2010 at 10:00 AM, Pedro Santos <pedros...@gmail.com> wrote:
> If your servlet container bind an different session for your users
> requests, you get the problem described too. Only one property of your
> session has user B values for user A requests? Or the entire session are
> different?
>
>
> On Fri, Jan 8, 2010 at 9:52 AM, Pieter Degraeuwe <
> pieter.degrae...@systemworks.be> wrote:
>
>> That's very odd... As I understood, methods on the Session can be called
>> by
>> several threads. So, Session methods must be thread safe.
>>
>> Maybe something is wrong with your dao. (Since that wone will be called by
>> multiple threads a the same time...)
>>
>> Pieter
>>
>> On Fri, Jan 8, 2010 at 12:17 PM, Soumya <soumya_...@yahoo.co.in> wrote:
>>
>> > Hi all,
>> > I am fairly a newbie in wicket and would appreciate your help!
>> >
>> > I
>> > have a wicket application which are used on Live by more than 500
>> > users. Now the problem which has arisen is - say User A logs on - he is
>> > able to view details of User B. It has happened for different users and
>> > I am trying to dig the real reason.
>> >
>> > Here is my code details -
>> > 1) I use Hibernate to fetch 'Account' objects from backend passing on
>> the
>> > username/password.
>> >
>> > 2) I use
>> > MyAppSession extends WebSession
>> > {
>> > private Account account;
>> >
>> > public InboundSession(Request request)
>> > {
>> > super(request);
>> > }
>> >
>> > public void setAccount(Account account)
>> > {
>> > this.account = account;
>> > }
>> >
>> >
>> > public Account getAccount()
>> > {
>> > return account;
>> > }
>> >
>> > public boolean isUserLoggedIn()
>> > {
>> > return account !=null;
>> > }
>> >
>> > }
>> >
>> > So
>> > effectively I check if the Account object in session is null or not and
>> > accordingly decide whether a user is logged in or not.
>> >
>> > 2) In Login class I pass on the username/password to HibernateAccountDao
>> > and fetch the Account object.
>> > Account account = accountDao.getAccount(username, password)
>> > MyAppSession session = (MyAppSession )getSession();
>> > session.setAccount(account);
>> > setResponsePage(Home.class);
>> >
>> > So effectively I fetch the accout object using hibernate and store it in
>> > wicket session.
>> > But I am not sure how these account objects are getting mixed up between
>> > users.
>> >
>> > Please can someone lead me to the route cause of the issue?
>> >
>> >
>> > Thanks in advance!
>> > SSP
>> >
>> >
>> > The INTERNET now has a personality. YOURS! See your Yahoo!
>> Homepage.
>> > http://in.yahoo.com/
>>
>>
>>
>>
>> --
>> Pieter Degraeuwe
>> Systemworks bvba
>> Belgiƫlaan 61
>> 9070 Destelbergen
>> GSM: +32 (0)485/68.60.85
>> Email: pieter.degrae...@systemworks.be
>> visit us at http://www.systemworks.be
>>
>
>
>
> --
> Pedro Henrique Oliveira dos Santos
>
--
Pedro Henrique Oliveira dos Santos
