i have a jsp page, once the user logged in iam creating a session in the jsp page.When the user logged out iam invalidating the session.
when two users logged in, and if one user logged out, the other user session is also getting invalidated.I dont want this to happen i.e. evethough the first user logged out second can continue his work.
Can any one tell me how to solve this problem?
Abhishek
Ali Khalfan
Ranch Hand
Joined: Nov 03, 2007
Posts: 126
posted
0
i don't know what kind of application you'd do this in...never seen anything where two users would be on the same workstation...but my guess is that you could store the session variables on the server?
if (!session1.isNew()) { session1.invalidate(); out.println("Session Invalidated.."); } %>
here is the compose page, here iam checking the varaibale set in session if it is null iam forwarding back to login page..
<% HttpSession session1=request.getSession(); if (!session1.isNew()) { String check=(String)session1.getAttribute("check"); if (check==null) { %> <jsp:forward page="slogin.jsp"> <jsp:param name="memid" value="" /> </jsp:forward> <% } else { out.println("Session exists proceed to do the work"); } } else { %> <jsp:forward page="slogin.jsp"> <jsp:param name="memid" value="" /> </jsp:forward> <% } %>
dhwani mathur
Ranch Hand
Joined: May 08, 2007
Posts: 621
posted
0
Hi Abhishek!!!
1)First of all i will recommend you to use Code Tags while posting code in any forum,since your code was quit difficult to read,i simply got lost in it.
2)For each users Login a different session is created , and value is stored in it it is much like HashTable. A different set of data is kept for each visitor to the site.
3)One thing to ask is why you are not using the implicitly avaliable object session?
4)By default session is always set to true,so you can use
session.setAttribute("check",check); instead of this in your JSP.
5)If one user Logs-in the value is stored in session and later Logs out the session gets invalidated so all the attributes are lost. Now another user Logs-in again new session is created and values are set ,and now if you go to Compose page you will get that particular users info,and not the first users info.
6)I would suggest to go through this link it will help you to go ahead with sessions. Study sessions
May be this helps you to some extent.
SCJP(1.5),SCWCD(On the way) Dhwani:>Winning is not important but it is the only thing. [ April 29, 2008: Message edited by: dhwani mathur ]
Abhishek Reddy
Ranch Hand
Joined: Mar 28, 2006
Posts: 259
posted
0
thanks for the quick reply, this time i have made the code simple once the user logged in, he will move to session.jsp page
session.jsp page
once the user click the logout link, he will be logged out and session will be invalidated
logout.jsp page
here is the compose page, here iam checking the varaibale set in session.if it is null iam forwarding back to login page.
dhwani mathur
Ranch Hand
Joined: May 08, 2007
Posts: 621
posted
0
Hi Abhishek
So now how does it work?
i mean to ask do you get the expected results?
SCJP(1.5),SCWCD(On the way) Dhwani:>Winning is not important but it is the only thing.
Abhishek Reddy
Ranch Hand
Joined: Mar 28, 2006
Posts: 259
posted
0
no Mr. dhwani mathur, i didnot get the expected result the problem comes when i open a new window from an existing window.
i.e. for example , i have opened a new window and typed the login page url. now i opened another window from an exisitng window using control+N option. like wise i opened three windows.
So, when i open the windows in this fashion, session created in the main window will be same in all the windows that opened thru control+N option.
So, when the user logged out from any one of the windows, session will be invalidated in all the windows..
tell me how to sort this problem.
Jimi Svedenholm
Ranch Hand
Joined: May 19, 2001
Posts: 53
posted
0
Originally posted by Abhishek Reddy: no Mr. dhwani mathur, i didnot get the expected result the problem comes when i open a new window from an existing window.
i.e. for example , i have opened a new window and typed the login page url. now i opened another window from an exisitng window using control+N option. like wise i opened three windows.
So, when i open the windows in this fashion, session created in the main window will be same in all the windows that opened thru control+N option.
So, when the user logged out from any one of the windows, session will be invalidated in all the windows..
tell me how to sort this problem.
I would not consider this a problem at all. This is how sessions work in browsers. Why do you want it to only log out on the current window?
/Jimi
Abhishek Reddy
Ranch Hand
Joined: Mar 28, 2006
Posts: 259
posted
0
thanks for the reply, let us consider i have opened the windows in the above mentioned way. One for user one and the other for user two. Based on the user type iam forwarding the user to two different pages. i.e. user one will see one page and user two will see other page.
If user one job is done and if he logged out, user two should be in a position to do his work.
Note: Keep in mind that users one and user two work are done by same person due to some reasons.
Now, tell me how to resolve this problem?
Jimi Svedenholm
Ranch Hand
Joined: May 19, 2001
Posts: 53
posted
0
Originally posted by Abhishek Reddy: thanks for the reply, let us consider i have opened the windows in the above mentioned way. One for user one and the other for user two. Based on the user type iam forwarding the user to two different pages. i.e. user one will see one page and user two will see other page.
If user one job is done and if he logged out, user two should be in a position to do his work.
Note: Keep in mind that users one and user two work are done by same person due to some reasons.
Now, tell me how to resolve this problem?
ok. I'm not sure that you can solve this problem. There is simply no standard and easy way to detect that a new browser window was opened and then create a new session while still keeping the old session for the old window alive. The reason is that the session id is stored in a cookie, and that cookie is shared between browser windows (if you opened the new browser window using Ctrl-N). So this is a browser issue, not a java issue.
You can however get multiple sessions to work by asking the user to open different browser instances (not sure if it works in Firefox, but with IE it works if you open a new window using the IE shortcut instead of Ctrl-N). Or the user can have one Firefox window and one IE window.
If you really want this behaivor even with multiple browser windows (using the same browser instance and therefore sharing the same session cookie), then it is still possible but I would say that it would require some work. For instance you could keep track of your own "sessions", using a special id, and have a link that says "Create new session". When the user clicks that link then you generate a new "session" with a unique id, and then you make sure that all your links contain this id as a parameter (and all forms aswell, ofcourse).
For your information i am Miss Dhwani Mathur please dont mess up my name, and about your issue i think rancher Jimi Svedenholm has already answered your doubt up to the mark.I too think it is difficult to keep track of new browser windows being opened each time and later as you have mentioned creating a new session with each browser window simultaneously.
1)But still one more thing comes to my mind is Once you open the browser load the page new session gets created and value is stored i.e sets the attribute .
2)Now when you open the second browser window by pressing Ctrl+N the same page gets loaded.
Now this time it will check if session already exist which evaluates to true since in the first window you have already created a session.
3)Now once you go to first window and press Logout session gets invalidated .The same effects go to the second browser window as well.
I hope it helps
Dhwani:>Winning is not important but it is the only thing.
Dhwani:>Winning is not important but it is the only thing. [ April 29, 2008: Message edited by: dhwani mathur ]
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to
run our stuff on 16 servers instead of 3.
0
