Session Management

What is the default life time of Session ? If a client is using multiple Internet Explorer , then , are they going to use the same session object or not ???

Hi,

The life of a session is upto the life time of a browser and it also the session time out set in the DD.
If the client uses multiple Internet Explorer, they will be getting different session provided the browser is not opened using ctrl+n or File>> New >> window.

What if we copy-paste a url to a new browser ? How is the Container going to find out that its a new/existing session ?

Here again, if we pass the existing session Id dont we get the same session ?

I am getting the same behaviour , but I want to know that if there is single jsessionid in the cookies , how tdoes he server manage the multiple session from single client ??

Hi,

In context od multiple windows here is the quote from the servlet spec. How the session are treated is depend on the browser processes.

Due to the fact that cookies or SSL certificates are typically controlled by the Web
browser process and are not associated with any particular window of the browser,
requests from all windows of a client application to a servlet container might be part
of the same session. For maximum portability, the Developer should always assume
that all windows of a client are participating in the same session.

Closing or terminating windows will not terminate the session. It will still live in the app server. Some servlet container even preserve the session objects , though the server is crashed or restarted. Here is quote from servlet spec.

In the HTTP protocol, there is no explicit termination signal when a client is no
longer active. This means that the only mechanism that can be used to indicate when
a client is no longer active is a timeout period.

Hope it help you.

Thanks

Hi Narendra ,
From your reply it looks that all the Browser windows should share the same session , but it not happening like that .

Hi,

Thanks for your info...

When i stored an object in the session , it was still available in my new browser created through ctr+N, but when i used the same URL in a new browser that same object which i had stored in the session is not visible.

As stated in the Spec i think it depends on the browsers way of handling
the session.For IE when we open a new window using ctrl+N the browser will copy whatever session in the current browser to the newly opened browser.

Whereas it won't copy over the same when we open a new window.

Pls correct me if iam wrong.


regards

S.Karthikeyan

Hi,

I stated the assumption make in spec. Using IE you are getting different sessions for different windows. It is browser specific. Have you tried on the FireFox/Netscpe browsers ?

I am not a Microsoft expert, but someone can tell you how to set your IE to run all your windows using single browser process. I think it is possible.

Thanks

With Opera and FireFox the same session is continued with both in a new tab (and) a new browser window.

Only in IE with each new browser window a new session is created.

Thanks Vishnu,
But can anybody tell me how can we maintain multiple JSESSIONID in cookies ? I am not too clear on the use of cookies for the session management , if anybody having idea on that then please share that .


Rohan

From Spec

SRV.7.1.1 Cookies
Session tracking through HTTP cookies is the most used session tracking mechanism and is required to be supported by all servlet containers.

The container sends a cookie to the client. The client will then return the cookie on each subsequent request to the server, unambiguously associating the request with a session. The name of the session tracking cookie must be JSESSIONID.

We got the solution for the IE single process problem.

This link expains that

https://coderanch.com/t/361426/Servlets/java/Session-Internet-Explorer