struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Struts Two <>
Subject Re: Struts 2 session problem
Date Sat, 17 Jan 2009 17:31:51 GMT
There are a few solutions to your problem:

1- You can serialize your object as a hidden field and deserialize it on each request if you
need it. It serves like a baggage that you carry form page to other. In this way, you avoid
putting any object in session scope.
Some folks may argue that this is not efficient for huge-sized objects, but keep in mind httpsession
should not be confused with storage. I already use this solution in a few medium size webapps,
works like charm.

2- If the object put in session is sort of object like ,say, the one the holds user credentials,
roles, timezones, etc that can be calculated at each request, you may have custom interceptor
that does it each time a user submits a request. You may incur just an extra cost of going
to databse, to get all the information but with today's hardware speed and software, you should
not worry about that. I have also used this solution and it also works like charm.

3- [I have not tried this myself ], If you are using servers like websphere, they provide
other ways of session management except cookies and url rewriting like using ssl id for session
management. You may want to try it.

--- On Sat, 1/17/09, RajibJana <> wrote:

> From: RajibJana <>
> Subject: Struts 2 session problem
> To:
> Received: Saturday, January 17, 2009, 5:23 AM
> Hi All,
> I am using struts 2.0.14 to build an enterprise
> application. It uses spring,
> hibernate, tiles, Dojo 1.2.2.
> Now I have a serious problem.
> My application has lots a pages and each page shows the
> logged in userid ( a
> string variable). This userid is put into the session map
> injected by the
> SessionAware interceptor. The injected userid is used in
> jsp page
> (#session.userid)  to show the logged in user info and also
> is saved in
> database for each business transaction for audit control.
> Now the problem is:
> 1) A User opens a browser window( IE 7/Firfox) and logs in
> the application
> as User X and the application shows the logged in userid as
> X and DB
> transactions also get userid info as X.
> 2) The same user opens a bowser tab or new window from the
> opened window (
> from where he logged in as X), and logs in the application
> as User Y. Now
> userid Y overrides the userid X in session map( as no new
> session is not
> opened, I guess) and I get userid as Y in both the browser
> tabs. My
> application breaks.
> 3) If the user opens a new browser instance, then a new
> session is created
> and both the windows have their own user id info( i.e.
> userid doesnt
> override)
> I tried the scope interceptor ( by starting a conversion),
> but the result is
> same( i.e. could not get new session in a window tab).
> I searched for a solution, could not get a solution. Please
> suggest how to
> get rid of this problem.
> Thanks
> Rajib
> -- 
> View this message in context:
> Sent from the Struts - User mailing list archive at
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

Ask a question on any topic and get answers from real people. Go to Yahoo! Answers and share
what you know at

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message