• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

session issue with multi tabs in a browser

 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Have a session problem with application when opened in multiple tabs of a browser.
In my project a user can have multiple log in id's so he could log into the app with two id's
at the same time as two diferent users. but when they try to log in with two id in multiple
tabs of a browser. the same session of the browser is being shared and the data gets messed up.
Any insights to solve this issue?

I see a pattern in mail.yahoo.com , if i log into my mail.yahoo with one user id and try to login in
to other user id in the new tab. one of them logs out. Any idea how this could be done...

Thanks
 
author & internet detective
Posts: 41860
908
Eclipse IDE VI Editor Java
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Maddy,
When a user logs in, you could see if they have a valid session. If so and the id doesn't match, that would be the clue to log the other user out.
 
Maddy yam
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks for the reply, multiple tabs are from the same browser, so the session id for all the
tabs from that browser are same. I tried before as you mentioned, but it didnt solve the issue
 
Author
Posts: 12617
IntelliJ IDE Ruby
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Different browsers handle tabs/windows and sessions differently. If the browser shares sessions across tabs there's not much you can do about it, although some frameworks allow multiple conversations per session, working around this limitation (Seam comes to mind).
 
Ranch Hand
Posts: 46
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can have different browsers, I mean he uses firefox to access with first userId, IE for second, flock for the 3rd , etc....
 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Dear Maddy,

Would like to know if you have got the solution for this multi tab session issue?
We are facing major issue with this problem in our application and have to resolve ASAP.
Appreciate your immediate response on this.

Regards,
Manohar P
 
David Newton
Author
Posts: 12617
IntelliJ IDE Ruby
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
My response is the same: this is simply how browsers work. Look at Seam and see if its solution is adaptable to your framework.
 
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If you are trying to provide the user the same data if he opens a new tab and data should not get messed up then you should synchronize session. Though it might effect performance but you have to live with it. HttpSession is not threadsafe.

Thanks,
Ram.
 
Manohar Parelly
Greenhorn
Posts: 3
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

Using window.name javascript property we can track tabs/windows in the same session. I successfully used window.name in my application to track & do necessary action when application is accessed from multiple tabs.
Implementation details to restrict multi tabs access:
On Login page submit, set the window.name property to some value. Pass the same value as a hidden variable to Login action.
With this we can always ensure that proper login attempt window will have a name associated with it.
You have to put a check in Login action. If the value is not there in the session, it means 1st time you are trying to login in the session. Put the value in the session. If value already exist in the session, it means you are trying to login from another tab in the same session.
if(sessionmap.get("WINDOW_NAME") == null){
sessionmap.put("WINDOW_NAME", windowName);
}else{
return "InvalidBrowserWindowError";
}

Assume user is already logged in from 1st tab. In my application, if I open another tab in IE (even another window in forefox) and copy & paste the URL from 1st tab... it automatically takes the user to same page as in 1st page. To restrict this access, I identified all entry points to different modules in my application, and put below logic in some required jsp files to throw error page.

<form name="invalidwindow" id="invalidwindow" action="<<some action>>" method="post">
</form>

<script language="JavaScript" type="text/javascript">
if(window.name == '' || window.name != <<some value>>'){
invokeInvalidBrowserWindow();
}
function invokeInvalidBrowserWindow(){
document.invalidwindow.submit();
}
</script>

Above logic is to restrict web application access from multiple tabs.

If you want to support multiple logins from same machine you can do like below:
IE --> login from one IE tab. Open a new IE window (File --> New Window). and login from new window.
Mozilla --> Install CookiePie add-on in your mizilla browser window. Enable CookiePie for each tab. CookiePie will ensure that a new session will be created for each tab.

Regards,
Manohar Parelly
 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Manohar,
This is a smart idea, is it possible to share the entire source code.
Specifically how to handle window.name for the first time, store it in session.

It may help me quickly grasp it.

There's another offering on similar lines but with .NET code
A quick response will be appreciated.

Regards
Asheesh

Manohar Parelly wrote:Hi,

Using window.name javascript property we can track tabs/windows in the same session. I successfully used window.name in my application to track & do necessary action when application is accessed from multiple tabs.
Implementation details to restrict multi tabs access:
On Login page submit, set the window.name property to some value. Pass the same value as a hidden variable to Login action.
With this we can always ensure that proper login attempt window will have a name associated with it.
You have to put a check in Login action. If the value is not there in the session, it means 1st time you are trying to login in the session. Put the value in the session. If value already exist in the session, it means you are trying to login from another tab in the same session.
if(sessionmap.get("WINDOW_NAME") == null){
sessionmap.put("WINDOW_NAME", windowName);
}else{
return "InvalidBrowserWindowError";
}

Assume user is already logged in from 1st tab. In my application, if I open another tab in IE (even another window in forefox) and copy & paste the URL from 1st tab... it automatically takes the user to same page as in 1st page. To restrict this access, I identified all entry points to different modules in my application, and put below logic in some required jsp files to throw error page.

<form name="invalidwindow" id="invalidwindow" action="<<some action>>" method="post">
</form>

<script language="JavaScript" type="text/javascript">
if(window.name == '' || window.name != <<some value>>'){
invokeInvalidBrowserWindow();
}
function invokeInvalidBrowserWindow(){
document.invalidwindow.submit();
}
</script>

Above logic is to restrict web application access from multiple tabs.

If you want to support multiple logins from same machine you can do like below:
IE --> login from one IE tab. Open a new IE window (File --> New Window). and login from new window.
Mozilla --> Install CookiePie add-on in your mizilla browser window. Enable CookiePie for each tab. CookiePie will ensure that a new session will be created for each tab.

Regards,
Manohar Parelly

 
Sheriff
Posts: 22781
131
Eclipse IDE Spring VI Editor Chrome Java Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Asheesh Mathurs wrote:Manohar,
This is a smart idea, is it possible to share the entire source code.


No; we are NotACodeMill.
 
Asheesh Mathurs
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Please excuse, my intention is not to offend forum.

Manohar's idea is a brilliant one. At times. it's easy to comprehend code from multiple related artifacts when complete picture is available.



Rob Spoor wrote:

Asheesh Mathurs wrote:Manohar,
This is a smart idea, is it possible to share the entire source code.


No; we are NotACodeMill.

 
Greenhorn
Posts: 9
Postgres Database Java Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It is a good idea. By the way it will not work in IE. Because window.name method won't work in IE!!
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic