• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Jeanne Boyarsky
  • Ron McLeod
Sheriffs:
  • Paul Clapham
  • Liutauras Vilda
  • Devaka Cooray
Saloon Keepers:
  • Tim Holloway
  • Roland Mueller
Bartenders:

cookie interference with user session

 
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm building a Struts web application where after a user logs on to the site, they can perform a search of certain data stored in our system. I've found a problem, however, that if a user has two open browser windows(the same browser), and performs a concurrent search with varying search criteria, then the results, which I have stored in a session object, will be comprimised due to browsers using the same jsession id via cookies. When using two different browsers, eg Firefox and IE, the problem does not exist. I'm wondering if there is some way to prevent this from happening, without getting rid of the cookie stored jsessionid.

I originally found this problem when I tried logging on as two different users, with two browser windows, and the second login would take over the session. ie when I went back to the first browser window, it would switch from the original logged in user to the user who I logged in as in the other window.

Sorry if these descriptions are vague or confusing, but this problem has been annoying me for a while and I can't figure out how to solve it, as I would prefer to use cookies instead of url rewriting.
 
Sheriff
Posts: 67753
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This will happen for any browser instances that share cookies. IE will do this depending on how the browser windows were opened.
 
Steve Levin
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
So the only way to prevent this would be to disallow cookies and use URL rewriting?

If so, how do I prevent cookies from being used, as they seem to be automatically generated, and is using only URL rewriting considered to be best practices for struts, or at least acceptable practices?

Thanks
 
Farmers know to never drive a tractor near a honey locust tree. But a tiny ad is okay:
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic