Thanks all. I am impressed (and grateful) that so many persons are taking an interest in this.
Bear - Sorry again. I did not mean to sound condescending. Your suggestion to try another browser to narrow down possible causes is a good one. I will install Firefox and check it out. I am having to do this on my own time (i.e. outide of normal working hours), because management says it's time to move on to building the next web app. The current app works, even if it is hideously inefficient in managing session resources, because it keeps creating new sessions for the same user. However I would still like to get to the bottom of this problem, since I don't want to make a habit of writing unscaleable apps, or not taking advantage of sessions.
Lucas - I am not using a frameset, just iframes embedded in JSPs. I can try redirecting as you suggest, although from using trace messages and step-through debugging, the multiple session / same user problem occurs as soon as the jsp in the iframe executes.
Stefan - I am including both JSPs. (A
string search on encodeURL will get you to the relevant parts quickly). I hope I am making a dumb mistake. It wouldn't be the first time that another, more experienced, pair of eyes, pointed out something I was blind to. Although I have done a fair amount of ASP programming, this is my first JSP/Servlet web app, so I am sure I have lots to learn yet. By the way, yes, I am not (yet) encoding where all other pages are opened by buttons via JavaScript, but it's on the "find a way" list if I ever get this problem resolved.
thanks
Sombra Flores
(code for main JSP and its IFRAME follows, plus tomcat console messages showing second session created, organization name has been changed to
"confidential")
=============