Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Url Rewriting in new browser window

 
Amit Hetawal
Ranch Hand
Posts: 48
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello All,
I wanted to know what will be the servlet container behavior, when the client has the cookies disabled and it tries to open the same website in a different browser window.

So here is my scenario.
Client sends first request to the servlet, since no cookies set, the container will fallback to Url rewriting and from then on the session is maintained between the client and the server.
But now suppose the client opens a new browser window and tries to access the same link, but without sessionid appended to link, so in this case conatiner will see it as a new client and create a different session for it ?

The point i am getting at is, we say the session objects are not thread safe, because the client can open a new browser window but still it will be in the same session, but i think if the cookies are disabled , then the session objects for that client will be thread safe. is that correct or i am missing anything ?

Please advise.
 
Balu Sadhasivam
Ranch Hand
Posts: 874
Android Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

But now suppose the client opens a new browser window and tries to access the same link, but without sessionid appended to link, so in this case conatiner will see it as a new client and create a different session for it ?


Nope. For the server it appears to be the request originating from same and only one client.


but i think if the cookies are disabled , then the session objects for that client will be thread safe. is that correct or i am missing anything ?


That's otherwise. two browser with same session access the same session values , so it does means "not thread safe"
 
Amit Hetawal
Ranch Hand
Posts: 48
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


Nope. For the server it appears to be the request originating from same and only one client.



Am confused how does the server know it is same client, we dont send any kind of id for that client at such.

 
Balu Sadhasivam
Ranch Hand
Posts: 874
Android Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


Am confused how does the server know it is same client, we dont send any kind of id for that client at such.


The URL has session id in it . that's the concept of URL rewriting.
 
Vishwanath Krishnamurthi
Ranch Hand
Posts: 331
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Amit,

I'd like to program and understand that sometime... Maybe you too could try...

1) Disable cookies (See here)

2) Code based on url rewriting.

3) Create a session counter by implementing HttpSessionListener

I have created a Session counter before:



4) Then test the case you thought of.

Regards,
Vishwa
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic