User session hi-jacked on web

KENNEY

Not sure if the subject describes the issue, but here is the scenario. I had a user call me today: they had signed in as their userid "USERA" on the web client, but once they went to query the data they realized they were signed in as a completely unrelated user, "USERB". I had her go into work with submitted jobs and, lo and behold, she was seeing the jobs submitted by "USERB".

USERB is in a completely different location in the organization. Can anyone suggest how USERA captured USERB's session?

Signed
Confused
 
This is quite remarkable!

I have not seen this issue yet, but given that all sessions are maintained within a single Java application server, I have always suspected that such issues may sometimes happen.

Are you using WAS or OAS? (and what version?)
 
If a customer has either a portal or SSO configuration in place (or both), it is possible to map an authenticated user to a different user's JDE profile (referenced in the F0092) via the F00927 table. I can't guess as to whether or not you have either portal or SSO, but if you do, any chance someone could have been "experimenting" with that feature?

I'm sure, as Alex suggests, it is possible for something like this to happen to an ordinary JAS user, but I've never seen it outside of the example I provided.
 
Well thanks for your input,
Answers to your questions
1. We are on WAS 6.1
2. We don't use the portal
3. The table F00927 doesn't exist in our release.

A few other notes,
1. We don't make use of roles.
2. When "USERA" launched a second session and signed in as themself everything worked fine.
3. Both users are in the same intranet.
4. The only message I saw in the stderrlog around the same time was the following message.
SystemOut O ClientInfo: Unknown client display type. URL:/servlet/com.jdedwards.runtime.virtual.VCServlet
 
Are you using any Big-IP product like F5? We have seen this behavior when caching is turned on for F5.

DeRay
 