Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Browser close > session cookie vanishes ??

 
Sandeep Vaid
Ranch Hand
Posts: 392
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
HFSJ P-248,

Session cookie vanish when the client's browser quits....

There are 2 things :
1) session objects at server side
2) cookie at client side

If anyone of these vanishes, we can't use the same session again. Right?

I think the statement in bold is incorrect as i have specified the session-timeout as 10 min. I first access the servlet and it prints New Session. Then i closed my broswers window and open it again. then i access the same servlet, it prints old session...
Moreover i can see the cookie object in browsers options....

Also we say that session can expire in these cases
1) Timeout
2) invalidate()

These 2 options also doesn't corresponds to the statement in bold...

I am also aware of the cookie that we can attach to the response and this cookie has nothing to do with session( It's not a session cookie). This cookies timeout is specified by setMaxAge().
 
raj malhotra
Ranch Hand
Posts: 288
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
did you close all the windows of a same browser?
 
Marc Peabody
pie sneak
Sheriff
Posts: 4727
Mac Ruby VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I agree with Raj, you probably didn't close all of the windows for the browser and opened a "new" browser by selecting File > New Window rather than opening a new instance of the browser application. Then again, I know that the current generation of browsers (IE7 in particular) handles session-sharing across instances a little differently... but I haven't taken the time to study its behavior yet.

Originally posted by Sandeep Vaid:
Also we say that session can expire in these cases
1) Timeout
2) invalidate()

These 2 options also doesn't corresponds to the statement in bold...

Well, those things kill the session on the server but it doesn't kill the cookie on the client's browser. The client still passes the cookie forward with its requests, clueless that the session was terminated.
 
Sandeep Vaid
Ranch Hand
Posts: 392
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Marc,
You SAid ,
Well, those things kill the session on the server but it doesn't kill the cookie on the client's browser


As per my knowledge server side session object gets destroyed either when session-time or invalidate() is called. It doesn't depend on closing of client's broswer. Right ?

Moreover we say that session should be valid even though client closes the browser window.. which is a contardictary stataement with the statement in bold (orginal Post)



Actaully at that time i had 2 instances of my browser . I closed one of them and re-opened it again.

Let me check it with only one instance. I will reply the results to this forum...
[ March 25, 2008: Message edited by: Sandeep Vaid ]
 
Sandeep Vaid
Ranch Hand
Posts: 392
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I specified the time-out as 10 min...
I tried with one instance and it's working fine. Meaning
when i close my Browser,the cookie (at client side)vanishes.

but i think the session object (at server side) will still be there for 10 min.. Only thing is that it won't be reused as the there is no client cookie with the same jsessionid as that of server object..

Is my understanding correct ?
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic