Re: New session for new browser window

Fri, 22 Jun 2001 03:40:27 -0700 

Herv� Guidetti wrote:

> If I remove  the cookies in my browser, the ACL in my application becomes
> null...

Aye. All your browser windows will get dissconnected form the session.

> If I add cookies="false" in server.xml of Catalina, I get an Infinite
> Redirect Error. :-(
> 
> I read the
> http://jakarta.apache.org/turbine/proposals/browser-bound-app-context.html
> In it I can read : "If opening of windows in a multi-windowed application is
> utterly under control of the application (the window is created using
> JavaScript, with context identifier token removed from the URL, to inform
> the application that it needs to create a new context) window contexts will
> work fine."

Please note that context identifier is something differnt that servlet 
engine's session identifier. 

> How is it possible to create new window with JavaScript with context
> identifier token removed from the URL when I use cookies ?

Sure you can do some URL juggling before opening the new window, but
this
won't solve your problem. HTTP session is *per browser*. Window contexts
are something that you (or someone) have to implement, and they *do eat*
memory.

> Any idea, why I get an Infinite redirect error when I set cookies="false"
> for Catalina ?

You get the infinite redirect errors, because Turbine contains some code
that forces creation of the session upon first request to the Turbine
servlet. This code is legacy from dark Jserv 1.0 days, and has proven
to be an aboundant source of bugs, confusion and frustration ever since
that 
time.

My experience with sessions under Tomcat 3.* and Catalina proves that
there
is no need whatsoever to froce the creation of the session, because 
it is created no problem when the application (or the framework)
requests
it for the first time.

Maybe I'm missing something, but for me the HTTP sessions 'just work'
and
that session spawning code in Turbine.java is cruft.

(oh man, Jon is going to flame me to hell :))

Rafal

--
mgr inz. Rafal Krzewski
Senior Internet Developer
mailto:[EMAIL PROTECTED]
+48 22 8534830 http://e-point.pl

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to