This week's book giveaway is in the Jobs Discussion forum.
We're giving away four copies of Java Interview Guide and have Anthony DePalma on-line!
See this thread for details.
The moose likes JSP and the fly likes session handling from different tabs of same browser Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Java Interview Guide this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "session handling from different tabs of same browser" Watch "session handling from different tabs of same browser" New topic

session handling from different tabs of same browser

yogesh kalaskar

Joined: Jan 24, 2007
Posts: 6
Hi All,

I am using IE 7 . When i login through same user account in different tabs of same browser , it gives me the same sassion id as the browser made in that way.
But is there any way to identify these 2 sessions or to forecefully give them different session id. (other than the evil means of cookie disabling).

Yogesh g k
Jeanne Boyarsky
author & internet detective

Joined: May 26, 2003
Posts: 33132

No. They aren't really two sessions. They are the same session in two tabs. The browser has no way of knowing which requests come from which session.

[OCA 8 book] [Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Other Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, TOGAF part 1 and part 2
ujjwal soni
Ranch Hand

Joined: Mar 28, 2007
Posts: 403
You have to realize that server-side sessions are an artificial add-on to HTTP. Since HTTP is stateless, the server needs to somehow recognize that a request belongs to a particular user it knows and has a session for. There are 2 ways to do this:

1) Cookies. The cleaner and more popular method, but it means that all browser tabs and windows by one user share the session - IMO this is in fact desirable, and I would be very annoyed at a site that made me login for each new tab, since I use tabs very intensively

2) URL rewriting. Any URL on the site has a session ID appended to it. This is more work (you have to do something everywhere you have a site-internal link), but makes it possible to have separate sessions in different tabs, though tabs opened through link will still share the session. It's also less unsafe, as it makes session hijacking easier, and it means the user always has to log in when he comes to your site.

Ujjwal B Soni <baroda, gujarat, india> <+918866008962>
"Helping hands are better than praying lips......"
Bear Bibeault
Author and ninkuma

Joined: Jan 10, 2002
Posts: 63870

But what does that have to do with the poster's question?

[Asking smart questions] [About Bear] [Books by Bear]
I agree. Here's the link:
subject: session handling from different tabs of same browser
It's not a secret anymore!