wood burning stoves 2.0*
The moose likes JSP and the fly likes same session when press ctrl + N in IE6 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "same session when press ctrl + N in IE6" Watch "same session when press ctrl + N in IE6" New topic
Author

same session when press ctrl + N in IE6

peter tong
Ranch Hand

Joined: Mar 15, 2008
Posts: 240
I found that when I open my website in IE6, then press ctrl + N, a new IE is opened but it use the same session as my origin IE, any method to force user to login my application again when user press ctrl + n in IE6?
also, the same problem occur in IE 8 if user open a new IE by double click the IE shortcut icon.
Stefan Evans
Bartender

Joined: Jul 06, 2005
Posts: 1016
Windows opened by ctrl+N, the "New Window" menu item, or clicking a link all belong to the same browser session.
Windows in the same browser session, all share the same session cookies.
The session cookie is how the server side session is maintained and linked to a client. ie the server looks at the sessionId embedded in the cookie sent with the request.

There is no way I am aware of to prevent this from happening. It is how they have designed the browser. And indeed, the functionality is desirable in many circumstances.

You can potentially change your entire method of session tracking so as not to use cookies, but I think thats just too much work for not enough gain.

peter tong
Ranch Hand

Joined: Mar 15, 2008
Posts: 240
oh, but our application need prevent this happen because there are some bugs which are caused by user press ctrl + N in IE6 and work in two windows.
it make the session attribute (object in actionForm, in struts 1) chaos and save with unexpected result.
Or is there any workaround, like disable the ctrl + N function in IE6?
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60810
    
  65

Your time would be better spent fixing the bugs rather than trying to find a band-aid that's unlikely to have any positive effect.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60810
    
  65

P.S. This is generally the way that other browsers work as well.
peter tong
Ranch Hand

Joined: Mar 15, 2008
Posts: 240
Bear Bibeault wrote:Your time would be better spent fixing the bugs rather than trying to find a band-aid that's unlikely to have any positive effect.


then any possible direction to fix or prevent the second IE browser overwrite the session attribute of the first IE browser window (if prevent user to open two browser by ctrl + n is not a proper direction)?
Paul Sturrock
Bartender

Joined: Apr 14, 2004
Posts: 10336

You need to change the scope of the stuff you store in the session, or you could use a sessionid + "window ID" approach to storing session state. Something like a filter that looks for an id for the window in the request, if it doesn't find one adds one and from then on all actions from that window use it to identify its own state in the session.


JavaRanch FAQ HowToAskQuestionsOnJavaRanch
Hebert Coelho
Ranch Hand

Joined: Jul 14, 2010
Posts: 754

I know that IE 8 there is the option -nomerge that the session won't be shared.

Maybe you can find something to IE 6


[uaiHebert.com] [Full WebApplication JSF EJB JPA JAAS with source code to download] One Table Per SubClass [Web/JSF]
peter tong
Ranch Hand

Joined: Mar 15, 2008
Posts: 240
Paul Sturrock wrote:You need to change the scope of the stuff you store in the session, or you could use a sessionid + "window ID" approach to storing session state. Something like a filter that looks for an id for the window in the request, if it doesn't find one adds one and from then on all actions from that window use it to identify its own state in the session.

"all actions from that window" means all jsp from that window? my app has more than 3 hundred jsp and I think too much workload to add an id to each jsp, or ie window has a id?
also, I am using struts 1.x, the acton form is already hard code in the struts-config.xml, so how to keep each actionform map to a action from a specific browser window?
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: same session when press ctrl + N in IE6
 
Similar Threads
Session Attributes - thread safe ?
Restricting HotKeys(Ctrl+N) in IE
Session in new browser window
setProperty and thread safety
Session