This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Servlets and the fly likes Different sessions on different firefox tabs ? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Different sessions on different firefox tabs ?" Watch "Different sessions on different firefox tabs ?" New topic
Author

Different sessions on different firefox tabs ?

Albert Kam
Ranch Hand

Joined: Oct 18, 2007
Posts: 58
Dear JavaRanchers,

I need your wisdom !

Is different sessions on different firefox tabs plausible ?

In my scenario, i have 2 login screens, with these URLs :
http://myhost/my_struts_webapp
and
http://myhost/my_struts_webapp/my_struts_submodule

What i would like to achieve is, to open one tab for each URLs,
and they can operate independently.

What's happenning now is that when i invalidate one session,
the other one gets invalidated too.

I assume the browser sends the same session-id cookie
to both of the URLs.

Is it possible to have independent session-id cookies for each URL,
which exists on different tabs of firefox browser ?

I know the solution about creating a new profile for firefox,
so 2 different firefox instances for these 2 webapps, but i would like
to know about other solutions in one instance of firefox if they exist. :-D

I really wonder how the browser determines which cookies to use ..
I mean, will the cookies (including the session id) from URL of
http://blah.com will be sent to http://blah.com/blah
and http://blah.com/blah/blah too ?

If it is so, can i use different server hostname,
but pointing to the same server IP ..
will it solve the issue then ?

Please share your thoughts and experiences ...

Regards,
Albert Kam


Be nice !
Ankit Garg
Sheriff

Joined: Aug 03, 2008
Posts: 9291
    
  17

Albert I don't think this is possible. The browser would store only one cookie for a domain session. Recently I studied Seams and this is possible in it but that's a completely different thing know as conversations ...


SCJP 6 | SCWCD 5 | Javaranch SCJP FAQ | SCWCD Links
Albert Kam
Ranch Hand

Joined: Oct 18, 2007
Posts: 58
Hi Ankit,

Thank you for your response. And allow me to congratulate you on your 98% SCJP 6 ! I'm currently preparing for it also with Kathy and Bert book, but so far, my self tests' results are not very encouraging, haha ..

Anyway, about my the issue i had ..

I tried out firefox with multiple profile feature, and it works, but it must have 2 browser instances, and it involves setting all our client's browser

I was quite desperate in googling solutions until i found this interesting line :
Cookies can also be limited in scope to a specific domain, subdomain or path on the web server which created them.
in http://en.wikipedia.org/wiki/HTTP_cookie

Any ideas on how to implement this ?

Regards,
Albert Kam
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12761
    
    5
You will automatically get different sessions IF each tab's URL points to a different "web application" as defined by your deployment descriptors and directory structure. This is because the session id cookie is defined by the path as per the cookie standard.

Bill
Nikhil Doomra
Greenhorn

Joined: Feb 09, 2009
Posts: 2
according to me different sessions can be made without creating any more firefox instance...
just use the logic..
what you do is take one static variable ... and increment each time you open a new page using javascript... or you can use jspInit()
now what you do is whenever you create a session concatenate this variable to the common session name....
i am just giving you the logic........

Saifuddin Merchant
Ranch Hand

Joined: Feb 08, 2009
Posts: 597

HttpSession uses cookies to keep track of the user, but this is invisible to the programmer. Hence you cannot control session by limiting the cookie setting - In fact there is no cookie setting in the session interface!

The only way you can have different session is by deploying the application as two different applications. The web server will make sure that you have two different sessions.
Hence instead of deploying the other project as a sub-module of the first you need to deploy them as two separate projects.
http://myhost/my_struts_webapp_1
and
http://myhost/my_struts_webapp_2.

In case you need the link http://myhost/my_struts_webapp/my_struts_submodule to still work you could use a Server Redirect to http://myhost/my_struts_webapp_2.

The other solution what you propose is interesting...having two different domain names pointing to the same IP. Yes I this should will also solve the problem albeit in a different manner. In this case the client browser Domain restrictions would come into play automatically - which means the cookie will not be sent and the server will start a new session. Of course this behavior cannot be guaranteed since URL rewriting could come into play – (default with struts) leading to some strange results...


Cheers - Sam.
Twisters - The new age Java Quiz || My Blog
Saifuddin Merchant
Ranch Hand

Joined: Feb 08, 2009
Posts: 597

Nikhil Doomra wrote:according to me different sessions can be made without creating any more firefox instance...
just use the logic..
what you do is take one static variable ... and increment each time you open a new page using javascript... or you can use jspInit()
now what you do is whenever you create a session concatenate this variable to the common session name....
i am just giving you the logic........



@Nikhil Doomra - I'm not sure I understand how your method helps. Can you tell me what do you mean by session name and where can I set it?
Nikhil Doomra
Greenhorn

Joined: Feb 09, 2009
Posts: 2
Sam Mercs wrote:
Nikhil Doomra wrote:according to me different sessions can be made without creating any more firefox instance...
just use the logic..
what you do is take one static variable ... and increment each time you open a new page using javascript... or you can use jspInit()
now what you do is whenever you create a session concatenate this variable to the common session name....
i am just giving you the logic........



@Nikhil Doomra - I'm not sure I understand how your method helps. Can you tell me what do you mean by session name and where can I set it?


sorry there is nothing as session name .. i mean to say session attribute..... in each page you add a new session attribute... and dont invalidate the session on window closing.. may be that might help you
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Different sessions on different firefox tabs ?
 
Similar Threads
session handling from different tabs of same browser
Getting two different sessions in two different tabs of same browser window
Can't validate session
Handling cookies Path for specific subdomain ?
Session Filter problem