JavaSercer Pages Sessions and (Web hosting shopping cart) Multiple Windows Even though
JavaSercer Pages Sessions and Multiple Windows Even though session tracking lets an application recognize related requests, there’s still one problem. This problem is related to the server’s lack of knowledge of the client, and does not become obvious until you start testing an application that depends on session information. Consider what happens if you open two browser windows and start accessing the same web application. Will each window be associated with its own session, or will they share the same session? Unfortunately, the answer is not well-defined. And it doesn’t matter if the server-side logic is implemented as servlets, JSP, ASP, CGI, or any other server-side technology. The most commonly used browsers, Netscape Navigator and Microsoft Internet Explorer, both let you open multiple windows that are actually controlled by the same operating system process. Internet Explorer can be configured so that each window is instead controlled by a separate process. In the latter case, it’s easy to answer the question: each window is associated with its own session. It’s only when one process controls multiple windows that it gets a bit tricky; in this case, the answer depends on whether URL rewriting or cookies are used for session tracking. When URL rewriting is used, the first request to the application from one window doesn’t include a session ID, since no response with the session ID has been received yet. The server sends back the new session ID encoded in all URLs in the page. If a request is then submitted from the other window, the same thing happens: the server sends back a response with a new session ID. Hence, in this scenario each window is associated with a separate session. If cookies are used to pass the session ID, the reverse is true. The first request submitted from one window doesn’t contain a session ID, so the server generates a new ID and sends it back as a cookie. Cookies are shared by all windows controlled by the same process. When a request is then made from the other window, it contains the session ID cookie received as a result of the first request. The server recognizes the session ID and therefore assumes that the request belongs to the same session as the first request; both windows share the same session. There’s not much you can do about this. If you want each window to have its own session, most servers can be configured to always use the URL rewriting method for session tracking. But this is not foolproof. The user can open a new window by using the mouse pop-up menu for a link (with the session ID encoded in the URI) and ask to see the linked page in a new window. Now there are two windows with the same session ID anyway. The only way to handle this, unfortunately, is to educate your users. page 95
Note: If you are looking for reliable and quality webspace company to host and run your servlet application check professional servlet hosting services