Re: Session-Confusion
The cookies stored by firefox are shared across the tabs. If you want to
be able to log in using separate users in firefox, then you can do that
using separate firefox profiles.
Try
firefox -ProfileManager
the create a new profile or select the profile to run from whatever
profiles you may already have. If you already have firefox running, use
firefox -ProfileManager -no-remote
to start firefox in a separate process.
Paul
philipp.bouil...@gmail.com wrote:
Hi,
maybe I get my basics wrong, but I am currently a bit confused, maybe
you could help me understand what goes wrong here:
I am writing a GWT application where a user has to authenticate
himself to a database. Upon successful authentication, I create a new
HttpSession like so:
private final HttpSession startNewSession() {
HttpSession session = getThreadLocalRequest().getSession();
if(session != null) {
return session;
}
return getThreadLocalRequest().getSession(true);
}
which -- as you can see -- does _not_ create a new session, if a
session already exists.
And that may be the problem: If I log on to my application using two
different tabs in Firefox (for example), I get _the same_ session...
Is there any way of forcing the creation of a new session if I log on?
Am I completely wrong by even needing to do that??
If the user logs on using two different tabs, I would really like to
have two completely different sessions, but it seems that
getThreadLocalRequest only allows for _one_ session in this case
(being thread local... :)).
So, the only way around this problem I see right now, is to modify
(extend) RemoteServiceServlet and handle the HttpServletRequest(s) and
HttpServletResponse(s) on my own -- if that is possible... Any ideas?
Thanks for any pointers!
Philipp
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Google Web Toolkit group.
To post to this group, send email to google-web-toolkit@googlegroups.com
To unsubscribe from this group, send email to
google-web-toolkit+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/google-web-toolkit?hl=en
-~--~~~~--~~--~--~---
Re: Session-Confusion
?
Thanks, Paul, but I fear I don't (quite) understand.
Are you saying that I have to start FF with command line options in
order to be able to create different session IDs for different tabs?
Even if that should be so, I can hardly communicate this information
to all our clients and ask them to start their FF with those options
(let alone those clients that are using different browsers, like IE 8
for example).
Isn't there a way of getting different session IDs for different tabs?
I have googled some more and found a hint on customizing the apache
tomcat session manager... Should I look more deeply into that topic?
Sounds a little daunting...
Thanks,
Philipp
On 26 Okt., 12:27, Paul Robinson ukcue...@gmail.com wrote:
The cookies stored by firefox are shared across the tabs. If you want to
be able to log in using separate users in firefox, then you can do that
using separate firefox profiles.
Try
firefox -ProfileManager
the create a new profile or select the profile to run from whatever
profiles you may already have. If you already have firefox running, use
firefox -ProfileManager -no-remote
to start firefox in a separate process.
Paul
philipp.bouil...@gmail.com wrote:
Hi,
maybe I get my basics wrong, but I am currently a bit confused, maybe
you could help me understand what goes wrong here:
I am writing a GWT application where a user has to authenticate
himself to a database. Upon successful authentication, I create a new
HttpSession like so:
private final HttpSession startNewSession() {
HttpSession session = getThreadLocalRequest().getSession();
if(session != null) {
return session;
}
return getThreadLocalRequest().getSession(true);
}
which -- as you can see -- does _not_ create a new session, if a
session already exists.
And that may be the problem: If I log on to my application using two
different tabs in Firefox (for example), I get _the same_ session...
Is there any way of forcing the creation of a new session if I log on?
Am I completely wrong by even needing to do that??
If the user logs on using two different tabs, I would really like to
have two completely different sessions, but it seems that
getThreadLocalRequest only allows for _one_ session in this case
(being thread local... :)).
So, the only way around this problem I see right now, is to modify
(extend) RemoteServiceServlet and handle the HttpServletRequest(s) and
HttpServletResponse(s) on my own -- if that is possible... Any ideas?
Thanks for any pointers!
Philipp
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Google Web Toolkit group.
To post to this group, send email to google-web-toolkit@googlegroups.com
To unsubscribe from this group, send email to
google-web-toolkit+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/google-web-toolkit?hl=en
-~--~~~~--~~--~--~---
Re: Session-Confusion
I am saying that you need different command line options in FF to make
it work with separate profiles, and that that would let you have
different cookies in each profile.
Your session information has to be stored in cookies or in the URL. Each
has their own pros and cons, but all tabs will share cookies whereas
each tab can (obviously) have different URLs. Google something like
session url to see if you really want to do that.
I guess the real question is why you want to do this in the first place?
As a developer, it's good to be logged in with different users at once
for testing stuff out, but what's the use case for the end user to be
able to do it?
An easier way to tell client's that want this is to tell them to log in
with two browsers - like FF and Chrome (or whatever).
Paul
philipp.bouil...@gmail.com wrote:
?
Thanks, Paul, but I fear I don't (quite) understand.
Are you saying that I have to start FF with command line options in
order to be able to create different session IDs for different tabs?
Even if that should be so, I can hardly communicate this information
to all our clients and ask them to start their FF with those options
(let alone those clients that are using different browsers, like IE 8
for example).
Isn't there a way of getting different session IDs for different tabs?
I have googled some more and found a hint on customizing the apache
tomcat session manager... Should I look more deeply into that topic?
Sounds a little daunting...
Thanks,
Philipp
On 26 Okt., 12:27, Paul Robinson ukcue...@gmail.com wrote:
The cookies stored by firefox are shared across the tabs. If you want to
be able to log in using separate users in firefox, then you can do that
using separate firefox profiles.
Try
firefox -ProfileManager
the create a new profile or select the profile to run from whatever
profiles you may already have. If you already have firefox running, use
firefox -ProfileManager -no-remote
to start firefox in a separate process.
Paul
philipp.bouil...@gmail.com wrote:
Hi,
maybe I get my basics wrong, but I am currently a bit confused, maybe
you could help me understand what goes wrong here:
I am writing a GWT application where a user has to authenticate
himself to a database. Upon successful authentication, I create a new
HttpSession like so:
private final HttpSession startNewSession() {
HttpSession session = getThreadLocalRequest().getSession();
if(session != null) {
return session;
}
return getThreadLocalRequest().getSession(true);
}
which -- as you can see -- does _not_ create a new session, if a
session already exists.
And that may be the problem: If I log on to my application using two
different tabs in Firefox (for example), I get _the same_ session...
Is there any way of forcing the creation of a new session if I log on?
Am I completely wrong by even needing to do that??
If the user logs on using two different tabs, I would really like to
have two completely different sessions, but it seems that
getThreadLocalRequest only allows for _one_ session in this case
(being thread local... :)).
So, the only way around this problem I see right now, is to modify
(extend) RemoteServiceServlet and handle the HttpServletRequest(s) and
HttpServletResponse(s) on my own -- if that is possible... Any ideas?
Thanks for any pointers!
Philipp
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Google Web Toolkit group.
To post to this group, send email to google-web-toolkit@googlegroups.com
To unsubscribe from this group, send email to
google-web-toolkit+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/google-web-toolkit?hl=en
-~--~~~~--~~--~--~---
Re: Session-Confusion
Hmm... Ok, I see. I will try googling. Thanks.
Well, the reason for different sessions in different tabs is this
scenario: Using a special link, a user can embed (a part of) our
application into his website. If a user browses to his website and
opens the same website in a different tab (which might happen
frequently, maybe because all links on the page open in new tabs),
problems will arise. As a stand-alone application, I agree, it doesn't
really make sense to have different session id's for the same user in
different tabs.
Anyway, thanks for your help, I'll look into session URLs and if that
doesn't help, --- well, I'm sure to find something else :).
Thanks,
Philipp
On 26 Okt., 14:00, Paul Robinson ukcue...@gmail.com wrote:
I am saying that you need different command line options in FF to make
it work with separate profiles, and that that would let you have
different cookies in each profile.
Your session information has to be stored in cookies or in the URL. Each
has their own pros and cons, but all tabs will share cookies whereas
each tab can (obviously) have different URLs. Google something like
session url to see if you really want to do that.
I guess the real question is why you want to do this in the first place?
As a developer, it's good to be logged in with different users at once
for testing stuff out, but what's the use case for the end user to be
able to do it?
An easier way to tell client's that want this is to tell them to log in
with two browsers - like FF and Chrome (or whatever).
Paul
philipp.bouil...@gmail.com wrote:
?
Thanks, Paul, but I fear I don't (quite) understand.
Are you saying that I have to start FF with command line options in
order to be able to create different session IDs for different tabs?
Even if that should be so, I can hardly communicate this information
to all our clients and ask them to start their FF with those options
(let alone those clients that are using different browsers, like IE 8
for example).
Isn't there a way of getting different session IDs for different tabs?
I have googled some more and found a hint on customizing the apache
tomcat session manager... Should I look more deeply into that topic?
Sounds a little daunting...
Thanks,
Philipp
On 26 Okt., 12:27, Paul Robinson ukcue...@gmail.com wrote:
The cookies stored by firefox are shared across the tabs. If you want to
be able to log in using separate users in firefox, then you can do that
using separate firefox profiles.
Try
firefox -ProfileManager
the create a new profile or select the profile to run from whatever
profiles you may already have. If you already have firefox running, use
firefox -ProfileManager -no-remote
to start firefox in a separate process.
Paul
philipp.bouil...@gmail.com wrote:
Hi,
maybe I get my basics wrong, but I am currently a bit confused, maybe
you could help me understand what goes wrong here:
I am writing a GWT application where a user has to authenticate
himself to a database. Upon successful authentication, I create a new
HttpSession like so:
private final HttpSession startNewSession() {
HttpSession session = getThreadLocalRequest().getSession();
if(session != null) {
return session;
}
return getThreadLocalRequest().getSession(true);
}
which -- as you can see -- does _not_ create a new session, if a
session already exists.
And that may be the problem: If I log on to my application using two
different tabs in Firefox (for example), I get _the same_ session...
Is there any way of forcing the creation of a new session if I log on?
Am I completely wrong by even needing to do that??
If the user logs on using two different tabs, I would really like to
have two completely different sessions, but it seems that
getThreadLocalRequest only allows for _one_ session in this case
(being thread local... :)).
So, the only way around this problem I see right now, is to modify
(extend) RemoteServiceServlet and handle the HttpServletRequest(s) and
HttpServletResponse(s) on my own -- if that is possible... Any ideas?
Thanks for any pointers!
Philipp
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Google Web Toolkit group.
To post to this group, send email to google-web-toolkit@googlegroups.com
To unsubscribe from this group, send email to
google-web-toolkit+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/google-web-toolkit?hl=en
-~--~~~~--~~--~--~---
Re: Session-Confusion
Philipp,
Use your own ID instead of or in addition to the session cookie. Send
that ID with each RPC request so that the server knows which instance
of your app it is talking to.
- Isaac
On Mon, Oct 26, 2009 at 9:06 AM, philipp.bouil...@gmail.com
philipp.bouil...@gmail.com wrote:
Hmm... Ok, I see. I will try googling. Thanks.
Well, the reason for different sessions in different tabs is this
scenario: Using a special link, a user can embed (a part of) our
application into his website. If a user browses to his website and
opens the same website in a different tab (which might happen
frequently, maybe because all links on the page open in new tabs),
problems will arise. As a stand-alone application, I agree, it doesn't
really make sense to have different session id's for the same user in
different tabs.
Anyway, thanks for your help, I'll look into session URLs and if that
doesn't help, --- well, I'm sure to find something else :).
Thanks,
Philipp
On 26 Okt., 14:00, Paul Robinson ukcue...@gmail.com wrote:
I am saying that you need different command line options in FF to make
it work with separate profiles, and that that would let you have
different cookies in each profile.
Your session information has to be stored in cookies or in the URL. Each
has their own pros and cons, but all tabs will share cookies whereas
each tab can (obviously) have different URLs. Google something like
session url to see if you really want to do that.
I guess the real question is why you want to do this in the first place?
As a developer, it's good to be logged in with different users at once
for testing stuff out, but what's the use case for the end user to be
able to do it?
An easier way to tell client's that want this is to tell them to log in
with two browsers - like FF and Chrome (or whatever).
Paul
philipp.bouil...@gmail.com wrote:
?
Thanks, Paul, but I fear I don't (quite) understand.
Are you saying that I have to start FF with command line options in
order to be able to create different session IDs for different tabs?
Even if that should be so, I can hardly communicate this information
to all our clients and ask them to start their FF with those options
(let alone those clients that are using different browsers, like IE 8
for example).
Isn't there a way of getting different session IDs for different tabs?
I have googled some more and found a hint on customizing the apache
tomcat session manager... Should I look more deeply into that topic?
Sounds a little daunting...
Thanks,
Philipp
On 26 Okt., 12:27, Paul Robinson ukcue...@gmail.com wrote:
The cookies stored by firefox are shared across the tabs. If you want to
be able to log in using separate users in firefox, then you can do that
using separate firefox profiles.
Try
firefox -ProfileManager
the create a new profile or select the profile to run from whatever
profiles you may already have. If you already have firefox running, use
firefox -ProfileManager -no-remote
to start firefox in a separate process.
Paul
philipp.bouil...@gmail.com wrote:
Hi,
maybe I get my basics wrong, but I am currently a bit confused, maybe
you could help me understand what goes wrong here:
I am writing a GWT application where a user has to authenticate
himself to a database. Upon successful authentication, I create a new
HttpSession like so:
private final HttpSession startNewSession() {
HttpSession session = getThreadLocalRequest().getSession();
if(session != null) {
return session;
}
return getThreadLocalRequest().getSession(true);
}
which -- as you can see -- does _not_ create a new session, if a
session already exists.
And that may be the problem: If I log on to my application using two
different tabs in Firefox (for example), I get _the same_ session...
Is there any way of forcing the creation of a new session if I log on?
Am I completely wrong by even needing to do that??
If the user logs on using two different tabs, I would really like to
have two completely different sessions, but it seems that
getThreadLocalRequest only allows for _one_ session in this case
(being thread local... :)).
So, the only way around this problem I see right now, is to modify
(extend) RemoteServiceServlet and handle the HttpServletRequest(s) and
HttpServletResponse(s) on my own -- if that is possible... Any ideas?
Thanks for any pointers!
Philipp
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Google Web Toolkit group.
To post to this group, send email to google-web-toolkit@googlegroups.com
To unsubscribe from this group, send email to
google-web-toolkit+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/google-web-toolkit?hl=en
Re: Session-Confusion
On 26 oct, 12:38, philipp.bouil...@gmail.com philipp.bouil...@gmail.com wrote: ? Thanks, Paul, but I fear I don't (quite) understand. Are you saying that I have to start FF with command line options in order to be able to create different session IDs for different tabs? Even if that should be so, I can hardly communicate this information to all our clients and ask them to start their FF with those options (let alone those clients that are using different browsers, like IE 8 for example). Are your clients *expected* to open the app twice side-by-side with different credentials? Most webapps do not allow it (including Google apps and apps hosted on AppEngine, as well as Yahoo! and Microsoft apps, to cite a few). Isn't there a way of getting different session IDs for different tabs? Sure: do not use cookies to maintain sessions (servlet containers usually have a way of disabling cookie-based sessions). But you'd better not use sessions at all if you can: if your GWT app is a single-page app, then the page itself can maintain the session without the need for cookies: just pass the credentials (generally an authentication ticket that the server generated in response to a request to a login servlet) with all your calls (e.g. use RequestBuilder.addHeader, and if you use RPC, use the RpcRequestBuilder to do the same, if you use a GWT 2.0 milestone or similar). See Ray Ryan's talk at Google I/O last spring: http://code.google.com/events/io/2009/sessions/GoogleWebToolkitBestPractices.html (look for statelessness) You can also google for REST, RESTful or RESTful web services. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to google-web-toolkit@googlegroups.com To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en -~--~~~~--~~--~--~---
Re: Session-Confusion
Hi Philip, You need not create a new session for every tab. Rather what you can do is, ensure that every request from a new tab passes a Id to the gwt module and use your session like ...request.setAttribute( 'SESSION_DATA_'+Id, sessionData ) since your client is passing the id, it can use the same id at a later stage to retrieve the data (i used a random number). But i doubt if this can be used in distributed server envrionment where sessions are not replicated across all the servers. Thanks Sudeep On Mon, Oct 26, 2009 at 9:25 PM, Thomas Broyer t.bro...@gmail.com wrote: On 26 oct, 12:38, philipp.bouil...@gmail.com philipp.bouil...@gmail.com wrote: ? Thanks, Paul, but I fear I don't (quite) understand. Are you saying that I have to start FF with command line options in order to be able to create different session IDs for different tabs? Even if that should be so, I can hardly communicate this information to all our clients and ask them to start their FF with those options (let alone those clients that are using different browsers, like IE 8 for example). Are your clients *expected* to open the app twice side-by-side with different credentials? Most webapps do not allow it (including Google apps and apps hosted on AppEngine, as well as Yahoo! and Microsoft apps, to cite a few). Isn't there a way of getting different session IDs for different tabs? Sure: do not use cookies to maintain sessions (servlet containers usually have a way of disabling cookie-based sessions). But you'd better not use sessions at all if you can: if your GWT app is a single-page app, then the page itself can maintain the session without the need for cookies: just pass the credentials (generally an authentication ticket that the server generated in response to a request to a login servlet) with all your calls (e.g. use RequestBuilder.addHeader, and if you use RPC, use the RpcRequestBuilder to do the same, if you use a GWT 2.0 milestone or similar). See Ray Ryan's talk at Google I/O last spring: http://code.google.com/events/io/2009/sessions/GoogleWebToolkitBestPractices.html (look for statelessness) You can also google for REST, RESTful or RESTful web services. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to google-web-toolkit@googlegroups.com To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en -~--~~~~--~~--~--~---
