Hi Maximilian, Basically we are stuck with some legacy application parts that while these are scheduled to be replaced we have to support them until they have been. Using filters would not solve the issue as the 'Hack' as you put it is done at a cookie path level. We do use filters to implement security, ntlmv2 authentication, caching & anti-caching, etc so I am fully aware of the power of filters.
I agree hacking away at a part of Tomcat is not the best solution but it was the only one currently available to resolve the issue. And was my original reasoning behind posting to this group to see if anyone could suggest a better solution. Thanks for your input. Rob > -----Original Message----- > From: Maximilian Stocker [mailto:m...@talentoyster.com] > Sent: 05 October 2010 16:03 > To: 'Tomcat Users List' > Subject: RE: Tabbed browsers sharing session - work around. > > This application (or mess of applications munged together) is a big mistake, > the source of all your problems and should be the only thing that you address. > That's why nobody else has "this problem". "This problem" is a sign of serious > misconceptions in design and development. > > And if you really must not fix the real problem why in the world did you hack > away at tomcat? Why not filters? You can do a lot with filters that would be > much preferable to what you have done including the fact that it would just > run without having to modify the servlet container. > > -----Original Message----- > From: Rob Gregory [mailto:rob.greg...@ibsolutions.com] > Sent: Tuesday, October 05, 2010 10:51 AM > To: Tomcat Users List > Subject: RE: Tabbed browsers sharing session - work around. > > Hi Chris, > > In Internet Explorer 5.5,6.0 if you opened up two separate browser instances > they would have two 'un-connected' sessions. As stated by Ronald they would > share the session if the 2nd was opened using ctrl-n but otherwise the > sessions would be unique. Cookies may have always worked as they do now but > the browser would store them within each instance. They seem to have changed > to now share the sessions/cookies and this was introduced at the same time as > tabbed browsers IE7+. > > Regards, > Rob > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Rob, > > > > On 10/5/2010 5:03 AM, Rob Gregory wrote: > > >> Sounds like you need to be pretty careful. Is it possible you've built a > > >> fragile application? > > > > > > Some legacy parts of the application became fragile when the browsers > > > started sharing sessions and this fix has been implemented to work > > > around that fact. > > > > I'm not sure anything changed recently with web browsers: cookies have > > always worked this way, tabs or not. > > > > - -chris > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.4.10 (MingW32) > > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > > > iEYEARECAAYFAkyrOnIACgkQ9CaO5/Lv0PAjZACfVpeZ5GcmtKXgt/UmmO34Xw4R > > 1OwAoIRt03dpZFoBbuRnyzvzGgsxS5jB > > =JiSB > > -----END PGP SIGNATURE----- > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org