session problem

i have a jsp page, once the user logged in iam creating a session in the jsp page.When the user logged out iam invalidating the session.

when two users logged in, and if one user logged out, the other user session is also getting invalidated.I dont want this to happen i.e. evethough the first user logged out second can continue his work.

Can any one tell me how to solve this problem?

i don't know what kind of application you'd do this in...never seen anything where two users would be on the same workstation...but my guess is that you could store the session variables on the server?

Abhishek,

Please Post Real Code. Without seeing your code we can only guess why you're seeing this behavior.

thanks all for the reply..
once the user logged in, he will move to session.jsp page

session.jsp page

<div align='left'><a href="logout.jsp">Logout</a></div>
<%
HttpSession session1=request.getSession();
if (session1.isNew())
{
out.println("New Session is Created <br>");
out.println("Session id=="+session1.getId());
session1.setAttribute("check","check");
%>
<a href="compose.jsp">Compose</a>
<%
}
else
{
session1=request.getSession(true);
out.println("Session is old, New Session is Created <br>");
out.println("Session id=="+session1.getId());
session1.setAttribute("check","check");
%>
<a href="compose.jsp">Compose</a>
<%
}
%>

once the user click the logout page, user will be logged out ans session will be invalidated
logout.jsp page

<%
HttpSession session1=request.getSession();

if (!session1.isNew())
{
session1.invalidate();
out.println("Session Invalidated..");
}
%>

here is the compose page, here iam checking the varaibale set in session if it is null iam forwarding back to login page..

<%
HttpSession session1=request.getSession();
if (!session1.isNew())
{
String check=(String)session1.getAttribute("check");
if (check==null)
{
%>
<jsp:forward page="slogin.jsp">
<jsp:param name="memid" value="" />
</jsp:forward>
<%
}
else
{
out.println("Session exists proceed to do the work");
}
}
else
{
%>
<jsp:forward page="slogin.jsp">
<jsp:param name="memid" value="" />
</jsp:forward>
<%
}
%>

Hi Abhishek!!!


1)First of all i will recommend you to use Code Tags
while posting code in any forum,since your code was quit
difficult to read,i simply got lost in it.

2)For each users Login a different session is created ,
and value is stored in it it is much like HashTable.
A different set of data is kept for each visitor to the site.


3)One thing to ask is why you are not using the implicitly
avaliable object session?


4)By default session is always set to true,so you can use

session.setAttribute("check",check);
instead of this in your JSP.

<% [B]HttpSession session1=request.getSession();[/B] if (session1.isNew()) { out.println("New Session is Created <br>"); out.println("Session id=="+session1.getId()); session1.setAttribute("check","check"); %>


5)If one user Logs-in the value is stored in session
and later Logs out the session gets invalidated
so all the attributes are lost.
Now another user Logs-in again new session is created
and values are set ,and now if you go to Compose page
you will get that particular users info,and not the first
users info.

6)I would suggest to go through this link it will help you to
go ahead with sessions.
Study sessions


May be this helps you to some extent.

SCJP(1.5),SCWCD(On the way)
Dhwani:>Winning is not important but it is the only thing.
[ April 29, 2008: Message edited by: dhwani mathur ]

thanks for the quick reply, this time i have made the code simple
once the user logged in, he will move to session.jsp page

session.jsp page
<div align='left'><a href="logout.jsp">Logout</a>    <a href="compose.jsp">Compose</a></div> <BR> <% out.println("Is session new ?"+session.isNew()+"<BR>"); out.println("session id="+session.getId()); session.setAttribute("check","check"); %>

once the user click the logout link, he will be logged out and session will be invalidated

logout.jsp page

<% session.invalidate(); out.println("Session Invalidated.."); %>

here is the compose page, here iam checking the varaibale set in session.if it is null iam forwarding back to login page.

<% String check=(String)session.getAttribute("check"); if (check==null) { %> <jsp:forward page="slogin.jsp"> <jsp:param name="memid" value="" /> </jsp:forward> <% } else { out.println("Session exists proceed to do the work"); } %>

Hi Abhishek



So now how does it work?

i mean to ask do you get the expected
results?



SCJP(1.5),SCWCD(On the way)
Dhwani:>Winning is not important but it is the only thing.

no Mr. dhwani mathur, i didnot get the expected result
the problem comes when i open a new window from an existing window.

i.e. for example , i have opened a new window and typed the login page url.
now i opened another window from an exisitng window using control+N option.
like wise i opened three windows.

So, when i open the windows in this fashion, session created in the main window will be same in all the windows that opened thru control+N option.

So, when the user logged out from any one of the windows, session will be invalidated in all the windows..

tell me how to sort this problem.

Originally posted by Abhishek Reddy:
no Mr. dhwani mathur, i didnot get the expected result
the problem comes when i open a new window from an existing window.

i.e. for example , i have opened a new window and typed the login page url.
now i opened another window from an exisitng window using control+N option.
like wise i opened three windows.

So, when i open the windows in this fashion, session created in the main window will be same in all the windows that opened thru control+N option.

So, when the user logged out from any one of the windows, session will be invalidated in all the windows..

tell me how to sort this problem.

I would not consider this a problem at all. This is how sessions work in browsers. Why do you want it to only log out on the current window?

/Jimi

thanks for the reply,
let us consider i have opened the windows in the above mentioned way.
One for user one and the other for user two.
Based on the user type iam forwarding the user to two different pages.
i.e. user one will see one page and user two will see other page.

If user one job is done and if he logged out, user two should be in a position to do his work.

Note:
Keep in mind that users one and user two work are done by same person due to some reasons.

Now, tell me how to resolve this problem?

Originally posted by Abhishek Reddy:
thanks for the reply,
let us consider i have opened the windows in the above mentioned way.
One for user one and the other for user two.
Based on the user type iam forwarding the user to two different pages.
i.e. user one will see one page and user two will see other page.

If user one job is done and if he logged out, user two should be in a position to do his work.

Note:
Keep in mind that users one and user two work are done by same person due to some reasons.

Now, tell me how to resolve this problem?

ok. I'm not sure that you can solve this problem. There is simply no standard and easy way to detect that a new browser window was opened and then create a new session while still keeping the old session for the old window alive. The reason is that the session id is stored in a cookie, and that cookie is shared between browser windows (if you opened the new browser window using Ctrl-N). So this is a browser issue, not a java issue.

You can however get multiple sessions to work by asking the user to open different browser instances (not sure if it works in Firefox, but with IE it works if you open a new window using the IE shortcut instead of Ctrl-N). Or the user can have one Firefox window and one IE window.

If you really want this behaivor even with multiple browser windows (using the same browser instance and therefore sharing the same session cookie), then it is still possible but I would say that it would require some work. For instance you could keep track of your own "sessions", using a special id, and have a link that says "Create new session". When the user clicks that link then you generate a new "session" with a unique id, and then you make sure that all your links contain this id as a parameter (and all forms aswell, ofcourse).

/Jimi
[ April 29, 2008: Message edited by: Jimi Svedenholm ]

Hi Abhishek!!!

For your information
i am Miss Dhwani Mathur
please dont mess up my name,
and about your issue i think rancher
Jimi Svedenholm has already answered your doubt
up to the mark.I too think it is difficult
to keep track of new browser windows being
opened each time and later as you have
mentioned creating a new session with
each browser window simultaneously.

1)But still one more thing comes to my
mind is Once you open the browser load
the page new session gets created and
value is stored i.e sets the attribute .

2)Now when you open the second browser window
by pressing Ctrl+N the same page gets loaded.

Now this time it will check if session already exist
which evaluates to true
since in the first window you have already created
a session.

3)Now once you go to first window and press
Logout session gets invalidated .The same effects
go to the second browser window as well.

I hope it helps

Dhwani:>Winning is not important but it is the only thing.



Dhwani:>Winning is not important but it is the only thing.
[ April 29, 2008: Message edited by: dhwani mathur ]