HFSJ Final Mock Question 47

Which statements about HttpSession objects are true?


A.
B.
C.
C.
E. A user who access the same web application from two broser windows is guaranteed to have two distinct session objects.

The explaination says E is invalid becasue multiple browser windos will typically share a session.

But when I following in two browser windows, I see two different JSESSIONID. How to explain that?
============
<%
Cookie cookie = new Cookie ("username","Grace");
cookie.setMaxAge( 24 * 60 * 60);
response.addCookie(cookie);
%>

<br>
<%=request.getHeader("Cookie")%>

Thanks.

anybody can help me on this?

Thanks

It is true that a session is shared between two browser windows BUT only if the browser is the same.

If suppose you log into an application in IE then a session is created for you. Now if you open another IE window this session is shared. Becasue the cookie storehouse of IE is shared.

But suppose if you open FireFox then browse to your application then the application will have no idea who the user is since Firefox has its own cookie storehouse. So it will create a new session object with a different ID than earlier.

Thanks nitin for replying.

But..
I am using IE browser, and I see different cookie values when I run my app in 2 seperate IE browsers.

Grace

Multiple windows can share the same session IF the second window was spawned from the first window participating in a session.

This can happen if a request is sent from the first window with a different target or by the user cloning the first window with something like Ctrl+N in IE.

Thank Marc.

I tried to open 2nd one using <Ctrl> N, you're right about session sharing.

But the last option of the question does not state how broswer should be opened, so should I assum that author has the implication that seperate windows will be opend by this way?

Thanks

Originally posted by Marc Peabody:
Multiple windows can share the same session IF the second window was spawned from the first window participating in a session.

This can happen if a request is sent from the first window with a different target or by the user cloning the first window with something like Ctrl+N in IE.

But Marc,
I believe session is not destroyed just by closing a browser window. So if the session is still alive even if i close the browser for a second and re open it the session should still be the same. Isn't it so?

And even I don't think that the session is shared only if the parent window spawns another window. Eventually session will be stored as cookies (except for cookies disabled). So any new instance of the browser must share the same JSESSIONID. Am I right?