i am a new developer & using jboss 3.2.2.i get a problem.whenever a user logs in his session persists and any one can then log in to the system.can some one tell how to modify the behaviour of the default cookies and session id set by tomcat?
please help me out.
This will probably require quite a bit more of an explanation.
How are you connecting as a second user? Which browser are you using? Is the second user using a browser on the same machine or is this a different machine?