• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Url Rewriting in new browser window

 
Ranch Hand
Posts: 48
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello All,
I wanted to know what will be the servlet container behavior, when the client has the cookies disabled and it tries to open the same website in a different browser window.

So here is my scenario.
Client sends first request to the servlet, since no cookies set, the container will fallback to Url rewriting and from then on the session is maintained between the client and the server.
But now suppose the client opens a new browser window and tries to access the same link, but without sessionid appended to link, so in this case conatiner will see it as a new client and create a different session for it ?

The point i am getting at is, we say the session objects are not thread safe, because the client can open a new browser window but still it will be in the same session, but i think if the cookies are disabled , then the session objects for that client will be thread safe. is that correct or i am missing anything ?

Please advise.
 
Ranch Hand
Posts: 874
Android VI Editor Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


But now suppose the client opens a new browser window and tries to access the same link, but without sessionid appended to link, so in this case conatiner will see it as a new client and create a different session for it ?



Nope. For the server it appears to be the request originating from same and only one client.


but i think if the cookies are disabled , then the session objects for that client will be thread safe. is that correct or i am missing anything ?



That's otherwise. two browser with same session access the same session values , so it does means "not thread safe"
 
Amit Hetawal
Ranch Hand
Posts: 48
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator



Nope. For the server it appears to be the request originating from same and only one client.



Am confused how does the server know it is same client, we dont send any kind of id for that client at such.

 
Balu Sadhasivam
Ranch Hand
Posts: 874
Android VI Editor Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator



Am confused how does the server know it is same client, we dont send any kind of id for that client at such.



The URL has session id in it . that's the concept of URL rewriting.
 
Ranch Hand
Posts: 331
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Amit,

I'd like to program and understand that sometime... Maybe you too could try...

1) Disable cookies (See here)

2) Code based on url rewriting.

3) Create a session counter by implementing HttpSessionListener

I have created a Session counter before:



4) Then test the case you thought of.

Regards,
Vishwa
 
When people don’t understand what you are doing they call you crazy. But this tiny ad just doesn't care:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic