> But It returns the same session. The session created by N1. I want to have
> multiple sessions running simultaneusly working independent of each other.
> Is it possible to do so?
If the sessions are managed with cookies, you will only have one session per user.
This
is because the cookie is associated with the client in general, not a specific browser
window. Another, more difficult, way to manage sessions is "URL re-writing."
With URL re-writing, a parameter is attached to each link (for GET methods) or a hidden
variable is added to every form (for POST methods). This variable controls the
session.
Because the value is embedded in the HTML, different browser windows (showing different
sets of HTML) can have different sessions. This method is straightforward, but tricky.
1. If your code "misses" a place where a URL needs to be re-written,
or a hidden variable needs to be added, the session is lost.
2. If your user leaves the application, the session is lost (unlike cookies,
which stick around for a while)
3. If a user bookmarks a page, they will end up freezing that session
id in their bookmark, making the bookmark useless (assuming you
expire sessions!)
4. If a user bookmarks a page, it puts their session ID in the bookmark
list, which can be a security hole, particularly because some JavaScript
attacks can read the bookmarks.
I hope this helps.
-- Charles
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
