The browser is really configure to accept cookies (verifying this was
the minimum that I could have done). I'd done some other tests to find the
problem cause but I was on the wrong track it seems. After your reply, I
verify the session Id receive by my servlet and it seems that it was the
same for all the frames requests, confirming what you said. However, I
notice that the session Id change from the 1st page (return by the servlet)
to the 2nd page (request by the client).
Here's my new hypothesis:
Could it be possible that since the session values (at login time) are
set by a different servlet than the one returning the other pages (and
accessing the previous values), Netscape 4 see this as two different servers
and don't send the cookie receive from the 1st servlet to the 2nd one?
For example, can Explorer see "www.yahoo.com/ServletA" and
"www.yahoo.com/ServletB" as 1 server and use the same cookies for both while
Netscape see this as 2 servers and maintain different cookies for both?
Thanks a lot for your help,
Stephane
----- Original Message -----
From: "Kevin Mukhar" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, March 16, 2001 10:06 AM
Subject: Re: Session, frames and Netscape 4
> Stephane Cloutier wrote:
> >
> > - Is my assumption that Netscape 4 handle session differently and is
> > keeping one session per frame instead of one per browser is true?
>
> No. You must be making some error someplace. Browsers have no concept of
> session. A browser only knows certain things. One thing it knows is how
> to submit (POST or GET) a request. Another thing it knows is that if it
> has cookies sent from a server, it must send the cookies to the server
> with a request. If
>
> - you login from one frame, and
> - the server creates a session, and
> - the server sends the session id in a cookie
>
> Then any other request the browser makes to the server, no matter which
> frame it comes from, will include the cookies from the server. If the
> session id was sent in a cookie, it will be returned in a cookie and the
> server will be able to identify the session.
>
> I don't know why it works for you with IE and Netscape 6, but not with
> Netscape 4. On my last project we developed an intranet application for
> a client using Netscape 4 as the browser. We had multiple frames and
> even multiple windows opened by the application and we never had a
> problem with session tracking.
>
> Are your sure Netscape 4 was configured to accept cookies? (There was a
> thread on this group yesterday complaining about IE5.5 not supporting
> sessions, it turns out the IE5.5 browser had cookies turned off. See
> "Session tracking with IE 5.5")
>
> > - Is there a way in the servlets to know that a request is coming
from
> > the same browser but from a different frame and then, give the access to
the
> > authenticated frame values to the non-authenticated one without
compromising
> > security?
> > - Is there any way of doing such a thing (besides using some script
to
> > force all the frames to log and then, generate 3 requests instead of
one)?
>
> The only reliable way is through session tracking. This occurs
> automatically; the servlet container sends the session id in a cookie;
> the browser, regardless of the frame, returns the session id with each
> request.
>
> K Mukhar
>
>
___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
