In context od multiple windows here is the quote from the servlet spec. How the session are treated is depend on the browser processes.
Due to the fact that cookies or SSL certificates are typically controlled by the Web
browser process and are not associated with any particular window of the browser,
requests from all windows of a client application to a servlet container might be part
of the same session. For maximum portability, the Developer should always assume
that all windows of a client are participating in the same session.
Closing or terminating windows will not terminate the session. It will still live in the app server. Some servlet container even preserve the session objects , though the server is crashed or restarted. Here is quote from servlet spec.
In the HTTP protocol, there is no explicit termination signal when a client is no
longer active. This means that the only mechanism that can be used to indicate when
a client is no longer active is a timeout period.
Hope it help you.
Thanks for your info...
When i stored an object in the session , it was still available in my new browser created through ctr+N, but when i used the same URL in a new browser that same object which i had stored in the session is not visible.
As stated in the Spec i think it depends on the browsers way of handling
the session.For IE when we open a new window using ctrl+N the browser will copy whatever session in the current browser to the newly opened browser.
Whereas it won't copy over the same when we open a new window.
Pls correct me if iam wrong.
I stated the assumption make in spec. Using IE you are getting different sessions for different windows. It is browser specific. Have you tried on the FireFox/Netscpe browsers ?
I am not a Microsoft expert, but someone can tell you how to set your IE to run all your windows using single browser process. I think it is possible.
Session tracking through HTTP cookies is the most used session tracking mechanism and is required to be supported by all servlet containers.
The container sends a cookie to the client. The client will then return the cookie on each subsequent request to the server, unambiguously associating the request with a session. The name of the session tracking cookie must be JSESSIONID.
This link expains that