This week's book giveaways are in the Java EE and JavaScript forums.
We're giving away four copies each of The Java EE 7 Tutorial Volume 1 or Volume 2(winners choice) and jQuery UI in Action and have the authors on-line!
See this thread and this one for details.
The moose likes JSP and the fly likes session management problem with iframes Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "session management problem with iframes" Watch "session management problem with iframes" New topic
Author

session management problem with iframes

sombra flores
Greenhorn

Joined: Jan 21, 2007
Posts: 4
Dear All

This is my first post at the JavaRanch, so my apologies in advance for any learning curve issues, such as posting to the correct topic.

The problem I am encountering is that the JSP rendered in the iframe in the main page of my web app is causing a second session to be created. Once that happens, response.encodeURL() stops working. It does not throw any Exception. It just does not append jsessionid or its value to the URL as expected.

Using an HttpSessionListener I have verified that additional sessions are being created in response to each request to the JSP contained in the iframe. I was surprised that tomcat 5.0 was not able to recognize that the request came from the same user.

At this point I am sbout to write off trying to mix sessions and iframes. My boss want to stick with iframes. If necessary, I can work around not using the session object, even if it means reinventing the wheel -- something I would rather not do.

I spent the last hour reviewing various Java Ranch postings, and a few indicated similar problems, other posting hinted to some dificulties with iframes but no solutions to my particular problem.

My technical environment is:

tomcat 5.0 running on localhost
IntelliJ 5.1
Windows XP Professional
Java 1.5
Internet Explorer 6.0.2

Is there something simple that I am overlooking or should I just forget about trying to mix sessions and iframes?

Thanks in advance.

Sombra Flores


MCSE, MCSD, SCJP, SCJD
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61084
    
  66

Have you tried it in other browsers?


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
sombra flores
Greenhorn

Joined: Jan 21, 2007
Posts: 4
I could try a different browser to see what happens, but it won't solve the problem. Lots of users are going to be using IE 6. Browser choice is outside my control. My feeling is if it is a recent browser and from a mainstream vendor it should interoperate as part of an end-to-end solution.

For what it's worth here is a link to a previous discussion on JavaRanch in September 2006 for the exact same problem:

http://www.javaranch.com

Is does not sound like it was ever resolved.

My apologies for making a double posting. Now I know that JSP is the preferred forum for this and I'll not make the same error twice.

thanks

Sombra Flores
Lucas Lee
Ranch Hand

Joined: Oct 02, 2006
Posts: 53
I have a very simple solution to your situation, although it's not perfect.
Use a index.jsp as your web application welocome page, then redirect to your frame set page, so that it doesn't change your application behavior while make sure that create one single session before accessing frame set page.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61084
    
  66

Originally posted by sombra flores:
I could try a different browser to see what happens, but it won't solve the problem.


At no point did I say to tell your users to use a different browser.

Trying it another browser is the first debugging step to take to determine if the problem lies in the server or the client.

Why post if you are going to disregard the responses?
Stefan Evans
Bartender

Joined: Jul 06, 2005
Posts: 1018
Can you show some code for displaying the IFrame?
Stupid question I guess, but are you encoding the URL which is used as the src attribute in the <iframe> tag?
sombra flores
Greenhorn

Joined: Jan 21, 2007
Posts: 4
Thanks all. I am impressed (and grateful) that so many persons are taking an interest in this.

Bear - Sorry again. I did not mean to sound condescending. Your suggestion to try another browser to narrow down possible causes is a good one. I will install Firefox and check it out. I am having to do this on my own time (i.e. outide of normal working hours), because management says it's time to move on to building the next web app. The current app works, even if it is hideously inefficient in managing session resources, because it keeps creating new sessions for the same user. However I would still like to get to the bottom of this problem, since I don't want to make a habit of writing unscaleable apps, or not taking advantage of sessions.

Lucas - I am not using a frameset, just iframes embedded in JSPs. I can try redirecting as you suggest, although from using trace messages and step-through debugging, the multiple session / same user problem occurs as soon as the jsp in the iframe executes.

Stefan - I am including both JSPs. (A string search on encodeURL will get you to the relevant parts quickly). I hope I am making a dumb mistake. It wouldn't be the first time that another, more experienced, pair of eyes, pointed out something I was blind to. Although I have done a fair amount of ASP programming, this is my first JSP/Servlet web app, so I am sure I have lots to learn yet. By the way, yes, I am not (yet) encoding where all other pages are opened by buttons via JavaScript, but it's on the "find a way" list if I ever get this problem resolved.

thanks

Sombra Flores
(code for main JSP and its IFRAME follows, plus tomcat console messages showing second session created, organization name has been changed to
"confidential")

=============
Lucas Lee
Ranch Hand

Joined: Oct 02, 2006
Posts: 53
This is a strange problem, If you tried my solution and still failed.
I'll advise you to confirm your browser enabled cookie functionality.
Or, you should test it using another browser for confirming this problem is not relative to browser.
 
Consider Paul's rocket mass heater.
 
subject: session management problem with iframes