aspose file tools*
The moose likes JSP and the fly likes user session details gets refreshed after navigating to new page Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "user session details gets refreshed after navigating to new page" Watch "user session details gets refreshed after navigating to new page" New topic
Author

user session details gets refreshed after navigating to new page

Aditi Tervankar
Greenhorn

Joined: Apr 10, 2013
Posts: 8
Hi Team,

I am trying to add href in jsp page to navigate to another URL from first jsp page, this second page will get opened as new window.
However my both jsp pages need user to enter different credentials.
When user logs in to first page by entering user/pwd details and navigate to another page using link which is added as href in my first page, the new window gets opened by asking user for another credentials of that second page.

When user enters another credentilas and try to access the first page again, then again user needs to enter user/pwd details, which I want to avoid , can you please suggest on this.
Swastik Dey
Rancher

Joined: Jan 08, 2009
Posts: 1477
    
    6

Do you mean the credentials entered in 2nd page will be used in first page when the user navigates back from 2nd to 1st page?


Swastik
Aditi Tervankar
Greenhorn

Joined: Apr 10, 2013
Posts: 8
Hi,
I meant it is trying to use session created after entering credentials used in second page and try to map that session with first page session, and it fails in that because both pages uses different credentials. Hence when I try to access first page then it again ask to enter credentials which it should not ask. Because once both pages are opened in different window so both pages should be accessible simultaniosly without any problem.

My problem is that after opening second page in new window, I can not access first page without entering its credentials again.

Swastik Dey
Rancher

Joined: Jan 08, 2009
Posts: 1477
    
    6

So far what I could understand is you have different credentials for two different pages, and when the user navigates back to the first page from 2nd page, the first page looses the credentials entered for it and asks for the credentials again. Please correct me if I am wrong.
Aditi Tervankar
Greenhorn

Joined: Apr 10, 2013
Posts: 8
Yes, thats correct but partially, we hv different credentials for two diff. pages.
Only thing is that there is no any link for navigating back from second page to first page. Because I am using href and having link to go to second page, once clicked on that it will get opened in new window and I can see both the windows (pages) opened.

<a=href="https://../secondpage.jsp" target="_blank" >

But once second page is opened , now the first page looses the credentials entered for it and asks for the credentials again. As both pages are using secure channel.

Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61206
    
  66

Why is this part necessary: "https://.."?

If the pages are in the same we app, you should be using server-relative addresses. If it's to switch protocols, well, you cannot share a session between http: and https:


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Aditi Tervankar
Greenhorn

Joined: Apr 10, 2013
Posts: 8
Hi,
Pages are not within same application, I am opening aother application from my existing application, hence HTTPS is required as both are user access restricted application.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61206
    
  66

If the pages are in separate apps, they cannot share a session. If you want to share logged-in status across the disparate apps, you will need to implement so sort of SSO (single sign on) capability.

SSO is not built into the Servlets or JSP containers.

P.S. Using a URL such as "https://../secondpage.jsp" to cross the apps is horribly fragile.
Aditi Tervankar
Greenhorn

Joined: Apr 10, 2013
Posts: 8
Bopth applications are using SSO only.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: user session details gets refreshed after navigating to new page