RajibJana wrote:
1) if one opens a window and a tabbed window, logs into the application by giving different user id and password combinations, then two seperate sessions are not created. As a result, in the session map userid overrides each other and same user id ( last logged in user ) is shown in all pages in two windows.
One running browser instance shares session across all windows. Using Safari and Firefox in tandem will allow two sessions from one machine. It sounds here like you've got another problem, though--it sounds like your login logic is not first checking that you're *already* logged in in that session, and disallowing the second login until the first session is destroyed by logging out.
2) If one opens two window instances ( not tabbed one), logs into the app by giving different user info, then two seperate sessions are created, two distinct userid is stored in two seperate sessions and each window shows the correct usr id in its all pages.
I would like to know what browser shows this behavior. It might be a timing issue: If you load the login screen in two windows/tabs before submitting either of them, there's a chance each login form is displayed in such a way that they are each creating stub sessions that are fleshed out by that specific form on that page getting submitted. If you are able to witness this behavior it should not be relied upon. In fact, I would consider the logic that's creating those two sessions to be flawed since it's way too browser specific to rely upon.
-Dale --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
