How are you starting a new browser from this *same* machine? If you are pressing Ctrl-N New Window, this is your problem! This will appear to be two browsers, when actually it is two browser "windows" over the same session! You must start a second (3rd, 4th, ...) browser the way you started the first if you truly want unique session ids.
Scott On 8/26/07, Pavel Sapozhnikov <[EMAIL PROTECTED]> wrote: > > Hey what does that thing implementing ApplicationAware really do for you? > > On 8/26/07, Mark Rollins <[EMAIL PROTECTED]> wrote: > > > > > > You are correct - I decided to refactor as I was pasting!! Sorry. > > > > > > Rod Bollinger wrote: > > > > > > This may not be the only issue but I do see a typo in setSession()... > > > > > > It should be: this.session = session; instead of this.session = map; > > > > > > -Rod > > > > > > > > > -----Original Message----- > > > From: Mark Rollins [mailto:[EMAIL PROTECTED] > > > Sent: Saturday, August 25, 2007 05:47 > > > To: user@struts.apache.org > > > Subject: Re: Session problem > > > > > > > > > > > > This is my first Struts app, so it's quite simplistic. What I'm trying > > to > > > achieve is to lock down certain processes so that only one user can > run > > > them > > > at a time. I intended to do this by having an application variable > > holding > > > the User object for the user currently running the process and > examining > > > this prior to starting the process and reporting who was running it if > > it > > > was already running. > > > > > > All Actions extend BaseActionSupport (this is a cut down version)... > > > > > > //============================== > > > > > > public abstract class BaseActionSupport extends ActionSupport > implements > > > SessionAware, ApplicationAware { > > > > > > protected Map session; > > > protected Map application; > > > > > > ... > > > public void setSession(Map session) { > > > this.session = map; > > > } > > > > > > public void setApplication(Map application) { > > > this.application = application; > > > } > > > ... > > > > > > public User getUser() { > > > return (User) session.get(CURRENT_USER); > > > } > > > > > > ... > > > > > > protected boolean setProcessLock(String lockName) throws > > > ActionException > > > { > > > > > > if(lockName.equals("")) throw new ActionException("Lockname > not > > > specified in setProcessLock"); > > > > > > User processLock=(User) application.get(lockName); > > > > > > if(processLock!=null) > > > throw new ActionException("Process lock "+lockName+" > already > > > set. Use checkProcessLock() first."); > > > else{ > > > application.put(lockName, this.getUser()); > > > return true; > > > } > > > } > > > ... > > > } > > > > > > //============================== > > > > > > > > > In the LoginAction, where User bean is declared with "prototype" > > scope... > > > > > > ... > > > ApplicationContext context = SpringUtils.getApplicationContext > > (); > > > User usr = (User) context.getBean("User"); > > > > > > > > > ... > > > if (usr.exists(userID)) { > > > usr.getUser(userID); > > > if (usr.validPassword(password)) { > > > logger.info("User " + usr.getUserID() + " logged > on."); > > > session.put(CURRENT_USER, usr); > > > return SUCCESS; > > > } > > > } > > > ... > > > > > > > > > > > > //============================== > > > > > > > > > In setProcessLock, the getUser() call returns the second user object > > when > > > run by the first user (using the previous example). There may be no > > other > > > actions between the login and the process commencing so the > opportunity > > > for > > > overwriting is very limited, and I don't think this is the problem > > (well, > > > not directly anyway). > > > > > > > > > > > > Laurie Harper wrote: > > >> > > >> You have some cross-talk somewhere in your code, by the sound of it. > > >> Take a look at any code that touches the session; you probably have > > >> something somewhere that's at the wrong scope (in application scope > > when > > >> it should be session/request, a Spring bean accidentally configured > as > > >> singleton scope, ...). > > >> > > >> Without access to your source code, it's impossible to say much more > > >> than that but if you can narrow it down and post the code that's > > causing > > >> the problem, someone may be able to explain why it's not working as > you > > >> expected. > > >> > > >> L. > > >> > > >> MARollins wrote: > > >>> I am running everything from one machine, but access the app from > > >>> different > > >>> browsers in order to get different sessions (ie IE and Firefox). I > > have > > >>> tried the second user from another machine and it didn't make any > > >>> difference. > > >>> > > >>> The app also uses Spring, but I have configured this to give me a > new > > >>> user > > >>> object as required rather than the default singleton, and I'm happy > > this > > >>> is > > >>> working. > > >>> > > >>> When logging in for the second user, I can see that the session map > is > > >>> empty > > >>> for the new user's session, then session.put is called with the new > > user > > >>> object, and this seems OK. > > >>> > > >>> If I then call an action using the first user and access the session > > >>> map, > > >>> hey presto, I've got the user object from the second user. > > >>> > > >>> Server is Tomcat 5.5 and Struts is v2. > > >>> > > >>> > > >>> newton.dave wrote: > > >>>> --- MARollins <[EMAIL PROTECTED]> wrote: > > >>>>> I'm having a problem whereby objects saved on the > > >>>>> Session are visible to other sessions. > > >>>>> > > >>>>> For example, the login page saves a new User object > > >>>>> on the session using session.put (I have a base > > >>>> class > > >>>>> for all my Actions which implements SessionAware in > > >>>>> order to be able to access Session variables). When > > >>>> a > > >>>>> second user logs on, the first user then sees the > > >>>>> second user's ID. It's almost like we're writing to > > >>>>> the application rather than the session. > > >>>>> > > >>>>> Any ideas where I'm going wrong? > > >>>> Not with so little information to go on. > > >>>> > > >>>> Is the "second user's login" happening from a > > >>>> different machine and / or different browser? > > >>>> > > >>>> d. > > >>>> > > >>>> > > >>>> > --------------------------------------------------------------------- > > >>>> To unsubscribe, e-mail: [EMAIL PROTECTED] > > >>>> For additional commands, e-mail: [EMAIL PROTECTED] > > >>>> > > >>>> > > >>>> > > >>> > > >> > > >> > > >> --------------------------------------------------------------------- > > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > > >> For additional commands, e-mail: [EMAIL PROTECTED] > > >> > > >> > > >> > > > > > > -- > > > View this message in context: > > > http://www.nabble.com/Session-problem-tf4324658.html#a12324676 > > > Sent from the Struts - User mailing list archive at Nabble.com. > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > -- > > View this message in context: > > http://www.nabble.com/Session-problem-tf4324658.html#a12333777 > > Sent from the Struts - User mailing list archive at Nabble.com. > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > -- > Pavel Sapozhnikov > xFact, Inc > [EMAIL PROTECTED] > -- Scott [EMAIL PROTECTED]
