Now I figure how it works ;) Thanks to all! -- Mauro
On Wed, 30 Oct 2002, Nick Lombard (VSP) wrote: > Hi Mauro > > At least this one I can answer for you. > > You will deffinitely not be able to start a new session for each browser > window opened if you are using session cookies. > > The Session cookie specification is slightly different to that of normal > cookies. It shares the same rule that the browser will send the cookie only > to the domain from which it originated. But the session cookie lasts the > lifetime of the browser whereas the normal cookie will be saved. So if a > browser is closed (not just a window of the same browser process) the cookie > will die with it. All the browser windows share the same cookies and if a > session cookie is available for a the domain being accessed the cookie will > be sent along. > > I.o.w if your servlet/jsp makes a call to request.getSession(true); the > session ID identified in the request will return the session object stored > at the server identified by the session ID in the request (cookie) if there > is no session id or the session has expired on the server a new session will > be created and a request will be made to the browser to kindly return a > session cookie with the supplied id. If request.getSession(false); is > called, the same process as above occurs but a new session will not be > created. > > Thus to understand "who the session id belongs to" the answer is something > like: The session id as a cookie is kept for the lifetime of a browser > process on the client and identified on the server. Different vendor > browsers will all have their own session cookies and thus session ids. > > To solve your problem it is correct what Ralph said. > A session cookie cannot be used because the cookie is shared by all browser > windows of the same browser process. The sollution is url rewriting in which > the session id is not sent by a cookie but is sent as a request parameter > and thus if the client opens a new browser window and types in your URL it > will not contain the session id request parameter and thus a new session can > be created on the server. This might not be the case if the client asks for > a link on your application to open in a new window because the parameter > might be in the link. > > I hope this makes it slightly clearer. > > Nick. > > > > > -----Original Message----- > From: Mauro Daniel Ardolino [mailto:mauro@;altersoft.com.ar] > Sent: Wednesday, October 30, 2002 4:38 PM > To: Tomcat Users List > Subject: RE: Session start > > > OK, but I still have some servlets that have to communicate using > HttpSession setting and getting objects between them. So if on each call > to different servlets I obtain a new session, then I loose the objects > contained in the session. > > So reading your answer I think that the problem is to who belongs the > session id. Does it belongs to the machine that is browsing? I mean: the > IP address? I don't think so because in multiple text sessions of the same > linux machine, browsing from each the same servlet, I obtain different > sessions. Does it belongs to the user? which user? windows user? linux > user? other OS users? No, the same user on different linux sessions, gets > different HttpSession. So I have to think that depends on the > OS. E.g. on linux it depends on the linux session. I'd like to bypass > this behavior opening a session each time a user opens a browser. I > think I have to rescue a browser window id or something like that from > the HttpServletRequest. > > Any ideas? > > Thanks, > > Mauro > > > > On Wed, 30 Oct 2002, Ralph Einfeldt wrote: > > > It's quite simple. > > > > Whenever a request reaches tomcat that contains no > > session id (url or cookie) or a session id that > > doesn't belongs to a active session, tomcat creates > > a new session. > > > > To do what you want you have to disable cookies > > in tomcat. This way you will get a new session > > whenever a new window is opened and the url that > > is used for the window contains no session id. > > > > Ralph Einfeldt > > Uptime Internet Solution Center GmbH > > Hamburg, Germany > > Hosting, Content Management, Java Consulting > > http://www.uptime-isc.de > > > > > -----Original Message----- > > > From: Mauro Daniel Ardolino [mailto:mauro@;altersoft.com.ar] > > > Sent: Tuesday, October 29, 2002 5:13 PM > > > To: [EMAIL PROTECTED] > > > Subject: Session start > > > > > > I'm confussed about when does a session starts. > > > > > > Browsing with netscape on a linux gui, opening 2 browsers, > > > calling the same servlet, the session is shared. I want > > > to start a new session! I mean every time a user opens a > > > new browser or a new window of the browser and calls my > > > servlet, I want to start a new session. > > > > -- > > To unsubscribe, e-mail: > <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> > > For additional commands, e-mail: > <mailto:tomcat-user-help@;jakarta.apache.org> > > > > > > -- Ing.Mauro Daniel Ardolino Departamento de Desarrollo y Servicios Altersoft Billinghurst 1599 - Piso 9 C1425DTE - Capital Federal Tel/Fax: 4821-3376 / 4822-8759 mailto: [EMAIL PROTECTED] website: http://www.altersoft.com.ar -- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>