Thats a problem in your server code... Session is binded to a connection (browser session) basically, not a machine. If you open a second browser (or a second tab) you should get a different session-id. Don't use JSESSIONID in url parameters, but in session cookie (unless you need to cross protocols like http <-> https)
For security, you will have to bind an 'ending' date to the session's authentication. Nicolas Romantzoff General Manager Tél.: (+33) 478 53 65 17 -----Original Message----- From: Vishnu Vardhana Reddy [mailto:[email protected]] Sent: Friday, 19 December, 2008 12:55 To: [email protected] Subject: how to invalidate old sessions when new user access appl on same machine hi all, I am using Mozilla browser to access my web application.User one access my application using his credentials .but i left that browser open.after that I am opening the another Mozilla window and accessing my application using different credentials ex:user2 credentials .user 2 also can access my application.but when i open the first browser ..am automatically getting second user session.how can we avoid this problem. Application is using session identifier(jSessionID) as the URL parameter for session management. is it possible to invalidate the old session when new user access on same machine. thanks, Vishnu -- View this message in context: http://www.nabble.com/how-to-invalidate-old-sessions-when-new-user-access-ap pl-on-same-machine-tp21090090p21090090.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] _____ avast! Antivirus <http://www.avast.com> : Outbound message clean. Virus Database (VPS): 081218-0, 2008-12-18 Tested on: 2008-12-19 13:54:20 avast! - copyright (c) 1988-2008 ALWIL Software. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
