• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

session problem

 
ajse ruku
Ranch Hand
Posts: 196
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I want to know that if a

1.User logs into an application and the servlet involved puts some data in HttpSession.
2.User logs out and again logs in using same browser window.
3.A call to HttpSession session = request.getSession(true); will return old session or new session if old session is not timed out yet?

regards,
Ajse
 
Paul Sturrock
Bartender
Posts: 10336
Eclipse IDE Hibernate Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If the user has logged out the session should have been invalidated (it doesn't need to time out in this instance), so you should get a new session.
 
Uli Hofstoetter
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Depends on what is meant by "user logs out".

Is session.invalidate() called? Then a session will be created, as the old one was destroyed.

If you mean the user surfed to another page and then returns, the old session should still be alive and valid and should be reused (depending on how session tracking is done .. cookies or url rewriting, ...)

Regards,
Uli
 
ajse ruku
Ranch Hand
Posts: 196
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for your replies.

session.invalidate(); was not called when user logged out.
So i think old session will be used if he logs in again with the same browser.

Also if he uses another browser to log in again then it will be a new session?

regards,
Ajse
 
Ankit Garg
Sheriff
Posts: 9528
33
Android Google Web Toolkit Hibernate IntelliJ IDE Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
well if you have not called invalidate, then the old session will be used normally (i.e. if cookies are enabled or if disabled, all the URLs are encoded with session id)

ajse roy wrote:Also if he uses another browser to log in again then it will be a new session?


well if the user uses the same browser's new windows i.e. for example he/she uses two windows of IE 7, then I think the same session will be used as the cookies will be common. But for different browsers i.e. for example one window of IE and one of Fire Fox, then different sessions will be used...
 
Rajat Raina
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes if the session is not invalidated then the same session id is used if you send a request from the same window but if you login from a new window a new seesion id is created thus creating a new session.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic