Hi Dave,
An http session is associated with a user via an http cookie; whenever a
browser sends a request to a particular host it automatically also sends
any cookies associated with that host. The server checks for the "http
session" cookie, and if found then uses the cookie value as a key into
its collection of known http sessions and associates that session with
the request.
In both IE and Firefox a popup window always shares the cookies
associated with the parent IE/Firefox process. So it's a browser-side
problem not a server-side problem: no way for a "main" and "popup"
window to have different cookies.
Servlet engines also support encoding the "session id" as a URL
parameter rather than as a cookie, though it's not the default. I don't
know how to enable that though as cookies have always been sufficient
for me. I suggest looking in the documentation for your servlet engine
(eg Tomcat) or in the servlet spec.
I did a quick google and this page looks like a good starting point:
http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzatz/51/program/sesdeci.htm
Regards,
Simon
Dave wrote:
Hi Fintan,
Thanks!
Will killSession kills existing session? I like to keep the original
session, but start a new session for a new request(for example, click a
button).
Dave
*/"Conway. Fintan (IT Solutions)" <[EMAIL PROTECTED]>/* wrote:
Hi Dave,
In the Sandbox there is a killSession (I think that is what it is
called) tag that should refresh the session state.
HTH,
Fintan
-----Original Message-----
*From:* Dave [mailto:[EMAIL PROTECTED]
*Sent:* 27 April 2007 09:41
*To:* Tomcat Users List; [email protected]
*Subject:* force to start a new servlet session
On JSF page, click a button to open a new window. The request
will join the existing session. Is there a way to create a new
HTTP servlet session for the request(clicking the button)?
public HttpSession *getSession*(boolean create)
Create a new session only when no session already exists even if
create=true.
What I am trying to do is to Start a brand new session so that the new
session
will not have the user authentication information from the existing
session.
Thanks for ideas.
Dave
------------------------------------------------------------------------
Ahhh...imagining that irresistible "new car" smell?
Check out new cars at Yahoo! Autos.
<http://us.rd.yahoo.com/evt=48245/*http://autos.yahoo.com/new_cars.html;_ylc=X3oDMTE1YW1jcXJ2BF9TAzk3MTA3MDc2BHNlYwNtYWlsdGFncwRzbGsDbmV3LWNhcnM->
* ** *** ** * ** *** ** * ** *** ** * This email and any files transmitted
with it are confidential and intended solely for the use of the individual or
entity to whom they are addressed. Any views or opinions presented are solely
those of the author, and do not necessarily represent
those of ESB. If you have received this email in error please notify the sender. Although ESB scans e-mail and attachments for viruses, it does not guarantee that either are virus-free and accepts no liability for any damage sustained as a result of viruses. Company Registration Information: http://www.esb.ie/main/home/companies.jsp * ** *** ** * ** *** ** * ** *** ** *
------------------------------------------------------------------------
Ahhh...imagining that irresistible "new car" smell?
Check out new cars at Yahoo! Autos.
<http://us.rd.yahoo.com/evt=48245/*http://autos.yahoo.com/new_cars.html;_ylc=X3oDMTE1YW1jcXJ2BF9TAzk3MTA3MDc2BHNlYwNtYWlsdGFncwRzbGsDbmV3LWNhcnM->
