Hi Mauro At least this one I can answer for you.
You will deffinitely not be able to start a new session for each browser window opened if you are using session cookies. The Session cookie specification is slightly different to that of normal cookies. It shares the same rule that the browser will send the cookie only to the domain from which it originated. But the session cookie lasts the lifetime of the browser whereas the normal cookie will be saved. So if a browser is closed (not just a window of the same browser process) the cookie will die with it. All the browser windows share the same cookies and if a session cookie is available for a the domain being accessed the cookie will be sent along. I.o.w if your servlet/jsp makes a call to request.getSession(true); the session ID identified in the request will return the session object stored at the server identified by the session ID in the request (cookie) if there is no session id or the session has expired on the server a new session will be created and a request will be made to the browser to kindly return a session cookie with the supplied id. If request.getSession(false); is called, the same process as above occurs but a new session will not be created. Thus to understand "who the session id belongs to" the answer is something like: The session id as a cookie is kept for the lifetime of a browser process on the client and identified on the server. Different vendor browsers will all have their own session cookies and thus session ids. To solve your problem it is correct what Ralph said. A session cookie cannot be used because the cookie is shared by all browser windows of the same browser process. The sollution is url rewriting in which the session id is not sent by a cookie but is sent as a request parameter and thus if the client opens a new browser window and types in your URL it will not contain the session id request parameter and thus a new session can be created on the server. This might not be the case if the client asks for a link on your application to open in a new window because the parameter might be in the link. I hope this makes it slightly clearer. Nick. -----Original Message----- From: Mauro Daniel Ardolino [mailto:mauro@;altersoft.com.ar] Sent: Wednesday, October 30, 2002 4:38 PM To: Tomcat Users List Subject: RE: Session start OK, but I still have some servlets that have to communicate using HttpSession setting and getting objects between them. So if on each call to different servlets I obtain a new session, then I loose the objects contained in the session. So reading your answer I think that the problem is to who belongs the session id. Does it belongs to the machine that is browsing? I mean: the IP address? I don't think so because in multiple text sessions of the same linux machine, browsing from each the same servlet, I obtain different sessions. Does it belongs to the user? which user? windows user? linux user? other OS users? No, the same user on different linux sessions, gets different HttpSession. So I have to think that depends on the OS. E.g. on linux it depends on the linux session. I'd like to bypass this behavior opening a session each time a user opens a browser. I think I have to rescue a browser window id or something like that from the HttpServletRequest. Any ideas? Thanks, Mauro On Wed, 30 Oct 2002, Ralph Einfeldt wrote: > It's quite simple. > > Whenever a request reaches tomcat that contains no > session id (url or cookie) or a session id that > doesn't belongs to a active session, tomcat creates > a new session. > > To do what you want you have to disable cookies > in tomcat. This way you will get a new session > whenever a new window is opened and the url that > is used for the window contains no session id. > > Ralph Einfeldt > Uptime Internet Solution Center GmbH > Hamburg, Germany > Hosting, Content Management, Java Consulting > http://www.uptime-isc.de > > > -----Original Message----- > > From: Mauro Daniel Ardolino [mailto:mauro@;altersoft.com.ar] > > Sent: Tuesday, October 29, 2002 5:13 PM > > To: [EMAIL PROTECTED] > > Subject: Session start > > > > I'm confussed about when does a session starts. > > > > Browsing with netscape on a linux gui, opening 2 browsers, > > calling the same servlet, the session is shared. I want > > to start a new session! I mean every time a user opens a > > new browser or a new window of the browser and calls my > > servlet, I want to start a new session. > > -- > To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> > For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org> > > -- Ing.Mauro Daniel Ardolino Departamento de Desarrollo y Servicios Altersoft Billinghurst 1599 - Piso 9 C1425DTE - Capital Federal Tel/Fax: 4821-3376 / 4822-8759 mailto: [EMAIL PROTECTED] website: http://www.altersoft.com.ar -- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org> -- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
