I'm using Seam Identity and it works fine for authentication for a single user testing environment.

Use Case : User 1 logs opens page 1, record 1 on his PC. User 2 opens the same page 1, same record 1 on his PC.
User 1 updates record 1, clicks 'Save'. Now, I have a code in my base entity class which updates updatedBy field

@PreUpdate
public final void refreshUpdateAuditInfo() {
      this.updatedDate = new Date(System.currentTimeMillis());
      this.updatedBy = Identity.instance().getUsername();
}

After a  successful 'Save', I redirect with this msg on page1 -- successfully saved by {updatedBy} {updatedDate}

To my surprise, the {updatedBy} is user 2 and not user 1! Add to add to that surprise, when I click on Save again on that page, I now see the correct user 1.

Any idea what's going on?