From: "Matija Grabnar" <[EMAIL PROTECTED]>
There is no need for having two separate sessions if you can guarantee the
user will ALWAYS be able to finish
one task before starting another. That works beautifully in theory, not so
well in real life.
Practical case one: database of users for an ISP. A helpdesk operator is
going through his tickets, looking up one user at a time, when a phone
call comes in. He now either has to deal with the customer without looking
them up (practically impossible), or he has to abandon the session where
he half completed the processing of the ticket in order to look
up the customer. Both alternatives are unappealing.
Practical case two: a webshop where items can be customised. (i.e. first
you choose a widget, then you specify the color, case design, ram size,
two wheels or four, .... Let us say all of those choices affect the
price). As long as your customers go through the shop one widget at a
time, everything is fine. But if he goes through two different sessions at
a time
because he wants to "comparison shop", they have a problem. If *all* your
state is in the cookie, it is simply impossible
for them to do that.
There are very good reasons why PART of the session information should be
unique to each tab, and PART of it should be common. Deciding which part
belongs where requires knowledge of the problem domain, and thinking
through of common usage scenarios.
Saying "Oh, that problem is solved by choosing browser X" is completely
unacceptable in the real world. In the real world, you can NOT choose
which browser all the people using your application will run, nor can you
afford to turn away those who run different browsers.
But there is the option of opening a new window by clicking on the icon of
that browser, or using the shortcut defined for it.
Then in the new window you can open a totally separate page, with its own
state, and that page can use a cookie-based session.
This is the way I do every time. I never open another window using Control+N
from the currently opened window of the browser, so there is no relation
between the 2 windows.
But I think my misunderstanding is because the question was not very
complete.
I guess (again) that the user might want to login a single time, and not
open 2 separate windows and login twice or for more times, so in fact a
single session is required, and more sessions should be avoided.
So the user want to have a single session and in the same time he also wants
to keep 2 or more separate sets of data in 2 or more windows, like you
exemplified.
In that case using only cookies is not possible because when the new window
is started all the cookies from the original window are copied, not only the
permanent cookies.
There is a solution that can use cookies-only, but I think that nobody like
it. The session could use permanent cookies which are available in all the
windows, and the data which is available only in one window is kept in
temporary cookies (which are not saved to the disk).
In that case the new window should be opened by clicking on the browser
icon, or using its shortcut, and not starting from a certain browser window,
and some users might not like that, because they should type again the url
of that web site (even though they won't need to login again, since the
cookie of the session is permanent).
And in that case the user should logout manually before closing the browser,
because otherwise another user might come, open that web site, and he will
be automaticly logged in.
Octavian
_______________________________________________
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/