tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Question about Session MGMT
Date Thu, 06 Sep 2007 21:57:31 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Joshua and Rob,

Joshua Fielek wrote:
> That is because you have one session per browser session.

Or, more precisely, your application is using a cookie to maintain
state, and since the cookies used for both logins have the same
hostname, path, and name, the second cookie overwrites the first and you
are left with a single login in two different windows/tabs.

> This is why you can log in to an email webapp, navigate away, and if you
> return within the timeout for the email session, you are treated as
> though you never left.
> 
> YMMV, because this may not be true of _all_ webapps :-)

Right. One way to allow multiple logins in separate tabs is to disable
the use of cookies on the server (or even your web browser). If you've
been writing your web pages properly, all of your links should have the
session id encoded in them when cookies are not being used, and sessions
will be maintained by using that information instead of cookies.

In this case, you can login as many times as you want in separate
windows/tabs/processes/etc. and you'll get a separate session in each of
them.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFG4HfL9CaO5/Lv0PARAm+AAJ9w1Gn3P/uXfFFgXFz3ggQxNjWOewCbBYT+
YiJINdhnJXJ66QdH95iyRlw=
=FKj2
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message