• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

multithreaded web application session issue

 
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

I am having a multithreaded web application where it uses HTTP session to store the user specific information. So in the case where we are having 2 different users with the same session (Assume same browser 2 different tabs) then the session values are overlapping. Can someone give an idea what kind of approach we can follow in-order to correct these kind of issues? Any recommendations?

Thanks.
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Two users will never share the same session. There may be two windows/tabs open for the same user (and thus possibly sharing the same session), though. Which multithreading issue do you have in this scenario? Are any of the servlets not thread-safe?
 
dinusha ambagahawita
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks for the response. actually whats happing is, same browser 2 different tabs user is logging by using 2 different user loggings. so since the tab is sharing the same session, this will mixup the data. Not only the user information all the other variables that are stored in the session which will differ from each login.

Any idea / recommandations to overcome this prob? I am running my application on jboss-4.0.3
 
Bartender
Posts: 4179
22
IntelliJ IDE Python Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This isn't a Threading issue, it is more of a web application design issue. Since the requests for each 'user' will happen over multiple different threads coming from the same thread pool there is no synchronization scheme which will allow separate data (you can't use ThreadLocal for example, and it isn't about publishing or modifying data atomically, it is about data isolation).

The only real way to get this to work is to make sure the two 'users' don't share the same session, and the only way I can think of doing that are:
1) Don't allow multiple tabs to work with different users. If a request for login comes in from a client which already has a session then block the login and use the currently logged in user.
2) Don't allow multiple tabs to work with different users (2). If a request for login comes in from a client which already has a session then discard the old session and start a new one with the new user name.
3) Don't use cookies to track session, use URL encoding. Then each new login could have a different session id, and the session would not be shared.
4) Use 'sessions' within sessions. Each HttpSession has a Map<String, Object> which you store that represents the current tab's 'sub-session' and is stored in the Session with semi-unique id (only has to be unique within the Session). All your data goes in one of these. Every URL has some encoding which adds the id to the URL as a parameter. Instead of using (pseudo code):


You would have to use (pseudo code):

Similar changes would be made to EL access in JSPs (pseudo code):



Depending on the application, I like #1 or #3, have never used #4 but it seems like a reasonable approach depending on how much application change that takes.
 
dinusha ambagahawita
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Many thanks for the ideas.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic