Problem on session managment

Hello to all!

I want to access same session Id from the instance of two different browsers. Can any body help me out?

example:
First time i send the request from google crome session is created wrt this request.
Now i open new window of Mozilla.

I want to access same session in mozilla.

Why do you want to do this? Two browsers is two different sessions.

Hi,

The behavior is not identical.Session id will be different. but there are other things for session management like hidden fields through which you can get the same session id across different browser. but on every page you need to have that hidden field.

Regards
Jatan

Actually i want to develop a small online test application. In this application i have a requirement that any user which is already log in, should not log in again in any other browser. also if he/she tried to do so then they get same as if anybody tried to open two instances of same browser. i.e., user should be already logged in.

Hi Preet,

For this you can take one extra field in database as islogedin .. if user is logged in set it to true .Once user loges out set it to false.Also need to set it to false on session timeout .

If you are not using database then you should maintain map with all the users who are logged in and can check whether the user is logged in or not.

Regards
Jatan bhavsar

jatan bhavsar,

Many thanks to you. This will help me a lot.

jatan bhavsar wrote:Also need to set it to false on session timeout .

That's not going to work that easily. If I have two open browser windows and I ignore one, then its session will timeout while I'm still active in the second browser window. You can only log someone out in the database if a) he logs out manually, or b) all of his sessions timeout. That means you have to keep track of all these sessions per user. You could use the database, or a servlet context attribute. The latter could be a Map<String, Set<String>> with the keys being the user names and the values being sets of session IDs. If a session is created for the user, add an element to this Set (creating it if necessary), and if a session is destroyed you remove an element. If that was the last element you can remove the entire map entry and log the user out of the database. Make sure you add proper synchronization to the servlet context attribute if you choose this solution.

yet another way could be something like this -

maintain the state of user (eg. which page is the user viewing right now with what all params in the server session itself)
have a mechanism to retrieve the session Object using the user Id
every time when the application is opened in a browser, render the login page, (maintain the session using URL rewriting or hidden field instead of cookies to avoid any previously left cookie)
whenever there is a login request, check whether that user is already logged in, if yes, then render the existing state (with new session & invalidate the older session), otherwise show the normal home page.