Hi
I had a similar problem, when I open two differents windows of Firefox I get twice the same session ID with 'HttpSession session = request.getSession(true);'.
The problem occurs only with Firefox, using IE 7 everything works well.
I use struts 1.3.9 and JSP so this is what I do to solve the problem.
When the user log in I create a new sessionID:
HttpSession session = request.getSession(true);
After that I read the timestamp and save it into the SID.
Date now = new Date(System.currentTimeMillis());
session.setAttribute(now.toString(), MyObject);
and I forward this SID to the others JSP pages:
ActionForward actionForward = mapping.findForward("success");
ActionForward newActionForward = new ActionForward(actionForward);
newActionForward.setPath(actionForward.getPath() + "?id=" + now.toString());
return newActionForward;
If I can�t transmit the SID through struts I send it with a hidden field in my html form.
If the SID is transmitted through the form I retrieve its value with
sessionID= request.getParameter("id");
and if its sent with struts I retrieve its value with request.getQueryString(); and parse the return value.
Once I have the SID value on the other page I can retrieve My session object with
session.getAttribute(sessionID);
By this way I use the same HttpSession object for many instance of firefox opened without perturbation between them.
With IE its saves in a different cookie each HttpSession created, even from the same IP