This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
This is my first post at the JavaRanch, so my apologies in advance for any learning curve issues, such as posting to the correct topic.
The problem I am encountering is that the JSP rendered in the iframe in the main page of my web app is causing a second session to be created. Once that happens, response.encodeURL() stops working. It does not throw any Exception. It just does not append jsessionid or its value to the URL as expected.
Using an HttpSessionListener I have verified that additional sessions are being created in response to each request to the JSP contained in the iframe. I was surprised that tomcat 5.0 was not able to recognize that the request came from the same user.
At this point I am sbout to write off trying to mix sessions and iframes. My boss want to stick with iframes. If necessary, I can work around not using the session object, even if it means reinventing the wheel -- something I would rather not do.
I spent the last hour reviewing various Java Ranch postings, and a few indicated similar problems, other posting hinted to some dificulties with iframes but no solutions to my particular problem.
My technical environment is:
tomcat 5.0 running on localhost IntelliJ 5.1 Windows XP Professional Java 1.5 Internet Explorer 6.0.2
Is there something simple that I am overlooking or should I just forget about trying to mix sessions and iframes?
I could try a different browser to see what happens, but it won't solve the problem. Lots of users are going to be using IE 6. Browser choice is outside my control. My feeling is if it is a recent browser and from a mainstream vendor it should interoperate as part of an end-to-end solution.
For what it's worth here is a link to a previous discussion on JavaRanch in September 2006 for the exact same problem:
I have a very simple solution to your situation, although it's not perfect. Use a index.jsp as your web application welocome page, then redirect to your frame set page, so that it doesn't change your application behavior while make sure that create one single session before accessing frame set page.
Can you show some code for displaying the IFrame? Stupid question I guess, but are you encoding the URL which is used as the src attribute in the <iframe> tag?
Joined: Jan 21, 2007
Thanks all. I am impressed (and grateful) that so many persons are taking an interest in this.
Bear - Sorry again. I did not mean to sound condescending. Your suggestion to try another browser to narrow down possible causes is a good one. I will install Firefox and check it out. I am having to do this on my own time (i.e. outide of normal working hours), because management says it's time to move on to building the next web app. The current app works, even if it is hideously inefficient in managing session resources, because it keeps creating new sessions for the same user. However I would still like to get to the bottom of this problem, since I don't want to make a habit of writing unscaleable apps, or not taking advantage of sessions.
Lucas - I am not using a frameset, just iframes embedded in JSPs. I can try redirecting as you suggest, although from using trace messages and step-through debugging, the multiple session / same user problem occurs as soon as the jsp in the iframe executes.
Sombra Flores (code for main JSP and its IFRAME follows, plus tomcat console messages showing second session created, organization name has been changed to "confidential")
Joined: Oct 02, 2006
This is a strange problem, If you tried my solution and still failed. I'll advise you to confirm your browser enabled cookie functionality. Or, you should test it using another browser for confirming this problem is not relative to browser.