• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Devaka Cooray
Sheriffs:
  • Jeanne Boyarsky
  • Knute Snortum
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Ganesh Patekar
  • Stephan van Hulst
  • Pete Letkeman
  • Carey Brown
Bartenders:
  • Tim Holloway
  • Ron McLeod
  • Vijitha Kumara

session problem  RSS feed

 
Ranch Hand
Posts: 196
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I want to know that if a

1.User logs into an application and the servlet involved puts some data in HttpSession.
2.User logs out and again logs in using same browser window.
3.A call to HttpSession session = request.getSession(true); will return old session or new session if old session is not timed out yet?

regards,
Ajse
 
Bartender
Posts: 10336
Eclipse IDE Hibernate Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If the user has logged out the session should have been invalidated (it doesn't need to time out in this instance), so you should get a new session.
 
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Depends on what is meant by "user logs out".

Is session.invalidate() called? Then a session will be created, as the old one was destroyed.

If you mean the user surfed to another page and then returns, the old session should still be alive and valid and should be reused (depending on how session tracking is done .. cookies or url rewriting, ...)

Regards,
Uli
 
ajse ruku
Ranch Hand
Posts: 196
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for your replies.

session.invalidate(); was not called when user logged out.
So i think old session will be used if he logs in again with the same browser.

Also if he uses another browser to log in again then it will be a new session?

regards,
Ajse
 
Sheriff
Posts: 9613
37
Android Google Web Toolkit Hibernate IntelliJ IDE Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
well if you have not called invalidate, then the old session will be used normally (i.e. if cookies are enabled or if disabled, all the URLs are encoded with session id)

ajse roy wrote:Also if he uses another browser to log in again then it will be a new session?



well if the user uses the same browser's new windows i.e. for example he/she uses two windows of IE 7, then I think the same session will be used as the cookies will be common. But for different browsers i.e. for example one window of IE and one of Fire Fox, then different sessions will be used...
 
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes if the session is not invalidated then the same session id is used if you send a request from the same window but if you login from a new window a new seesion id is created thus creating a new session.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!