aspose file tools*
The moose likes Servlets and the fly likes Is session attribute thread-safe? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Is session attribute thread-safe?" Watch "Is session attribute thread-safe?" New topic
Author

Is session attribute thread-safe?

Siripa Siangklom
Ranch Hand

Joined: Jan 26, 2004
Posts: 79
If I visit the same web application across two browser windows simultaneity, there will be two threads visiting the web application.
But I don't know whether the two threads share the same session?
If they share, the session attribute is not thread-safe.
If they do not share, the session attribute is thread-safe.
who can explain it to me?
Basavaraju Banakar
Greenhorn

Joined: Jul 18, 2002
Posts: 25
The requests from different browser instances (other than opening a new window form an existing one) will have diferent sessions.


It is impossible to make anything foolproof because fools are so ingenious..Murphy<br />Basu.
Mike Curwen
Ranch Hand

Joined: Feb 20, 2001
Posts: 3695

The 'two browser windows sharing session' debate always seems to relate to how 'well behaved' your particular browser is.

I think it was Netscape 4.x that would simply NOT be able to have two different sessions.

Also, current versions of IE will *always* share a session if you use "File|New|Window", "Cntrl-N" or any other variation of opening a second window from an existing window.

If, on the other hand, you click the Start Menu icon twice, or you click the QuickLaunch toolbar icon twice, then you will get two windows of IE that know nothing about each other, and will NOT share a session.


As for thread safety, the issue *can* be most easily demonstrated by having two browser windows that share a session. But it's not limited to this case.
Pradeep bhatt
Ranch Hand

Joined: Feb 27, 2002
Posts: 8898

The 2 browsers will represent 2 sessions.


Groovy
Ko Ko Naing
Ranch Hand

Joined: Jun 08, 2002
Posts: 3178
Originally posted by Mike Curwen:
If, on the other hand, you click the Start Menu icon twice, or you click the QuickLaunch toolbar icon twice, then you will get two windows of IE that know nothing about each other, and will NOT share a session.

It's very good infomation... I've never known it b4... I think the following thread might be useful to the original poster as well....
http://www.coderanch.com/t/357781/Servlets/java/block-multiple-logins-same-user


Co-author of SCMAD Exam Guide, Author of JMADPlus
SCJP1.2, CCNA, SCWCD1.4, SCBCD1.3, SCMAD1.0, SCJA1.0, SCJP6.0
Jeroen Wenting
Ranch Hand

Joined: Oct 12, 2000
Posts: 5093
Simply put:
if there are two instances of the browser executable running on the client, each of which accesses the web application, those two should have two distinct sessions (indeed Netscape 4 may have been extremely misbehaved in this, but it is possible that it simply was too smart for itself and started another window in the same instance whenever you thought you were launching a new instance).
If there are two windows running in the same browser instance both will share the session.
You can easily check this on Windows in the taskmanager.
Launch IE and you will see a task 'iexplore.exe' appearing. Open a new window from the menu (or click Ctrl-N), no new task will appear.
Kill the task and both windows disappear.
Now launch IE twice from the desktop, quicklaunch bar or startmenu. You'll see 2 tasks 'iexplore.exe'.


42
Kevin Jones
Author
Ranch Hand

Joined: Oct 29, 2003
Posts: 39
But this doesn't make your sessions thread safe. If you 'refresh' the window this sends a request to the server which could access the session, hitting refresh again before the first request finishes will send another request to the server and more session access.
Never rely on thread safety in sessions, always synchronize


Kevin Jones<br />Author: <a href="http://www.amazon.com/exec/obidos/tg/detail/-/0321136497/jranch-20" target="_blank" rel="nofollow">Servlets and JSP: The J2EE Web Tier</a>
Pradeep bhatt
Ranch Hand

Joined: Feb 27, 2002
Posts: 8898

Originally posted by Kevin Jones:
But this doesn't make your sessions thread safe. If you 'refresh' the window this sends a request to the server which could access the session, hitting refresh again before the first request finishes will send another request to the server and more session access.
Never rely on thread safety in sessions, always synchronize

In case we use frames we encounter synchronization problem.
[ January 30, 2004: Message edited by: Pradeep Bhat ]
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12681
    
    5
Any web page generation that involves multiple simultaneous requests will have to watch out for synchronization problems. Not only frames but also images or other resources generated on the fly can cause a servlet to be processing multiple requests from the same browser instance "at the same time."
Bill
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Is session attribute thread-safe?
 
Similar Threads
Question On Thread Safety
Which JSP scope are thread safe ?
sharing the session object
Is session object thread safe.
isThreadSafe