Multiple Browsers & Session Tracking

Similar Messages

• Multiple user sessions for ADF application

  Hi All,
  We have a ADF application with 3-4 pages starting with a login screen.
  Assume we have two users, user1 and user2. In same system but different browser windows, when both users are logging in, only user2 's session is active. Though user1 logged in first and is able to perform transactions, the moment user2 logs in, user1's session is being over-written by user2 (user1's window now displays user2's information). I have observed the URL of user1 window which now changes to user2's URL (_adf.ctrl-state parameter of user2 is displayed in user1 browser)
  How do we overcome this?? We have a requirement to be able to open multiple user sessions.
  We are using JDeveloper 11.1.2.3.0 and browsers being used are IE 8, IE9 and chrome.
  Thanks,
  Deepti

  Hi,
  Continuation to my above question
  I am using these two statements in my code..
  ExternalContext ectx = FacesContext.getCurrentInstance().getExternalContext();
  HttpSession httpSession = (HttpSession)ectx.getSession(true);
  On any event in Window1, I gues it is getting the context and session of window2(this being the latest)..
  Shouldnt it return the context and session of the current window instead of the latest window???
  This problem is well explained here
  internet explorer 8 - How to avoid session sharing provided by IE8 programmatically in Java EE application? - Stack Over…
  I want to know.. what is the best way to handle this in ADF... We are using managed beans with request scope and using HttpSession to store few values like user Id.

• Looking for an expert on session tracking

  I've got some session code running on RH linux using Apache and Tomcat. About 7% of my users experience a session variable not being present after a <jsp:forward> (or sendRedirect). I was thinking that it was related to cookies and how sessions are tracked, but I am using both the default cookie session tracking as well as URL re-writing; when I turn my browser's cookies off, I start seeing the jsessionid being used and everything still seems to work ok.
  Is there anyone out there who might be willing to help me figure this pup out...why 7% of my users can't be tracked (session.getAttribute() doesn't find something that was placed into the session directly before the redirect/forward)?
  /paul
  [email protected]

  OK, I've done a bunch of debugging. It appears all the folks who experience a "loss of session" have a URL with no parameters...even though I now parameters where passed.
  Also, in some cases, the new URL that is being visited is accessed via either a <jsp:forward> or javascript's window.open.
  Anyone know why some browsers might not pass parameters?

• What is session tracking in servlets?

  Hi ,
  I'm studying servlets I don't have the clear idea about session tracking and Why and where we need to use it. Can any one say about this.....
  Thanks in advance,
  Maheshwaran Devaraj

  Well Mheshpmr session tracking in servlets is very important...There are a number of problems that arise from the fact that HTTP is a "stateless" protocol. In particular, when you are doing on-line shopping, it is a real annoyance that the Web server can't easily remember previous transactions. This makes applications like shopping carts very problematic: when you add an entry to your cart, how does the server know what's already in your cart? Even if servers did retain contextual information, you'd still have problems with e-commerce. When you move from the page where you specify what you want to buy (hosted on the regular Web server) to the page that takes your credit card number and shipping address (hosted on the secure server that uses SSL), now let me tell you, how does the server remember what you were buying?
  Well There are three typical solutions to this problem.
  1. Cookies. You can use HTTP cookies to store information about a shopping session, and each subsequent connection can look up the current session and then extract information about that session from some location on the server machine. This is an excellent alternative, and is the most widely used approach. However, even though servlets have a high-level and easy-to-use interface to cookies, there are still a number of relatively tedious details that need to be handled:
  * Extracting the cookie that stores the session identifier from the other cookies (there may be many, after all),
  * Setting an appropriate expiration time for the cookie (sessions interrupted by 24 hours probably should be reset), and
  * Associating information on the server with the session identifier (there may be far too much information to actually store it in the cookie, plus sensitive data like credit card numbers should never go in cookies).
  2. URL Rewriting. You can append some extra data on the end of each URL that identifies the session, and the server can associate that session identifier with data it has stored about that session. This is also an excellent solution, and even has the advantage that it works with browsers that don't support cookies or where the user has disabled cookies. However, it has most of the same problems as cookies, namely that the server-side program has a lot of straightforward but tedious processing to do. In addition, you have to be very careful that every URL returned to the user (even via indirect means like Location fields in server redirects) has the extra information appended. And, if the user leaves the session and comes back via a bookmark or link, the session information can be lost.
  3. Hidden form fields. HTML forms have an entry that looks like the following: <INPUT TYPE="HIDDEN" NAME="session" VALUE="...">. This means that, when the form is submitted, the specified name and value are included in the GET or POST data. This can be used to store information about the session. However, it has the major disadvantage that it only works if every page is dynamically generated, since the whole point is that each session has a unique identifier.
  Servlets provide an outstanding technical solution: the HttpSession API. This is a high-level interface built on top of cookies or URL-rewriting. In fact, on many servers, they use cookies if the browser supports them, but automatically revert to URL-rewriting when cookies are unsupported or explicitly disabled. But the servlet author doesn't need to bother with many of the details, doesn't have to explicitly manipulate cookies or information appended to the URL, and is automatically given a convenient place to store data that is associated with each session.

• Chat support not working on multiple browsers

  Have been trying to start chat sessions throughout the week with no luck. It's been during chat hours, and have tried multiple browsers.
  Such long wait times with phone support that I hang up before an answer.
  Any response would be greatly appreciated. It's a shame to have such horrible support / customer service with a paid membership.

  It's not working for me either.

• Session tracking and Internet Explorer

  Hi,
  I am currently maintaining a servlet application, on apache/jserv.
  This application implements a session tracking using a shared static hashtable of session data, associated with session id's.
  This application may open more than one client browser windows.
  With netscape, no problem.
  With Internet Explorer, since the version 6, when the client close at least one window, the session is closed.
  Thus, the application reject any new request from this client, sent by still open windows (session cannot be retrieved in the hashtable).
  Has somebody heard about this problem ?
  Thanks for any answer.

  Thanks.
  In fact, I believe that IE keeps the same session for
  child windows.
  The problem is: when you click on a link which open a
  new window, the new open window share the session with
  its parent window.
  When the new window is closed, the session is also
  closed.
  It appears that this mechanism only exists since the
  version 6 of IE.No. Earlier IE version handle session cookies the same way.

• Issues with having pages display correctley. It does this in multiple browsers, Chrome, IE, and FF. Some pages display correctley.

  I have been having trouble viewing pages in multiple browsers since last night. It has done this with me before. I am using an Acer Aspire and also Firefox version 23. I've tried looking online and following suggestions such as clearing the cache, retarting in safe mode, etc. Nothing seems to work. It's only on certain pages. For example- Facebook works and displays fine. It's when I go to websites like Amazon, Wix, Ebay, and others that I get the issue. The pages are displaying with a white background and just text/links and basic images. I've checked the page style and it is on Basic Page Style. Here is what I have:
  http://i45.photobucket.com/albums/f78/DovesPaintedJewel/screen2.png
  http://i45.photobucket.com/albums/f78/DovesPaintedJewel/screen1-1.png

  Start Firefox in <u>[[Safe Mode|Safe Mode]]</u> to check if one of the extensions (Firefox/Firefox/Tools > Add-ons > Extensions) or if hardware acceleration is causing the problem (switch to the DEFAULT theme: Firefox/Firefox/Tools > Add-ons > Appearance).
  *Do NOT click the Reset button on the Safe Mode start window.
  *https://support.mozilla.org/kb/Safe+Mode
  *https://support.mozilla.org/kb/Troubleshooting+extensions+and+themes

• Multiple View sessions, same PC?

  View 6.0.1, Client 3.3.0
  Can I have multiple View sessions from the same PC? In other words
  Launch the Horizon View client, login, and access a desktop
  Launch the Horizon View client again, login as a different user, and access a different desktop
  Repeat until I have many session open at once
  The reason I ask is we are migrating from Exchange to Gmail. Google provides a utility called GAMME that in a larger environment can be run from multiple machines with each machine migrating one portion of the alphabet. Rather than using 10 physical machines I would rather use 10 View desktops. This will work slick if from my real PC I can access all 10 view desktops. I will be using a different login account to access each desktop.

  Have not tried yet. I did not want to go through the time setting up a separate non-persistent desktop pool if I could not login to more than one desktop at the same time. Now that I know it will work, I will run with it. Thanks for the help

• URL Session Tracking

  Hi,
  i want to make a group of JSP pages in a Web App, but assuming that the browser doesn't accept cookies.
  Is there anyway that i don't have to indicate every link as
  response.encodeUrl("index.jsp")I've heard something about a <url-session-tracking/> tag, but i've tried to put in the web.xml file, but it doesn't work.
  I just want to put Index and the App Server takes care of putting the jsessionid info in front of the url
  Thank you

  Cancelling this question.

• Can we use an overloaded constructor of a Java Bean with Session Tracking

  Hi Friends,
  If any one can solve my query.... It would be helpful.
  Query:
  I have a Java Bean with an overloaded constructor in it. I want to use the overloaded constructor in my JSP.
  1. One way of doing that is to use it directly in the "Scriptlets" (<% %>). But then I am not sure of the way to do session tracking. I think I can use the implicit objects like "session", "request" etc. but not sure of the approach or of the implementation method.
  2. Another way is through the directive <jsp: useBean>. But I cannot call an overloaded constructor with <jsp: useBean>. The only alternative way is to use the directive <jsp: useBean> where I have to write getter and setter methods in the Java Bean and use the <jsp: setProperty> and <jsp: getProperty> standard actions. Then with this approach I cannot use the overloaded constructor.
  Can any one suggest me the best approach to solve this problem ?
  Thanks and Regards,
  Gaive.

  My first reaction is that you can refactor your overloaded constructor into an init(arguments...) method. Instead of overloaded constructor, you can call that init method. This is the ideal solution if possible.
  As to the two choices you listed:
  1. This is OK, I believe. You can use scriplet to define the bean and put it into session scope of the pageContext. I am not sure exactly what you meant by session tracking; whatever you meant, it should be doable using HttpSessionAttributeListener and/or HttpSessionBindingListener.
  2. Agreed. There is no way that <jsp:useBean> can call a constructor that has non-empty arguments.
  Please tell me how it works for you.

• How to do session tracking in JSP

  I want to do session tracking in my JSP pages.Say once after the user logs in,on every page I can get his username for further use.Thank you for your help!
  Richard

  <%
  session.setAttribute("svUserName", request.getParameter("name_of_username_form_field"));
  // from the login page
  %>
  then to retrieve,
  <% String UserName;
  UserName = (String)session.getAttribute("svUserName").toString(); %>
  to display,
  <%= UserName %>

• How to use session tracking

  i am making shopping mall project .
  ist page conatins list of product avaiale
  2nd page contains list of manufacturuer avaible
  problem:-
  i want to display on 3rd page the product seleted by user in 1st page
  i used session tracking concept.but problem is the value is coming null in third page
  please tell me how to solve my problem

  If it is like a shopping cart, I suggest you to look for a good shopping cart examples available plenty online.
  But if its just about keeping session variables and using them the following works.
  Test with a simple example. Have three jsp files like a.jsp, b.jsp and c.jsp.
  put the following in a.jsp
  <% session.setAttribute("Mobile","Nokia");%>
  <%=session.getAttribute("Mobile")%>
  <a href="b.jsp">Go to B.jsp</a>Print the value of session variable - <%=session.getAttribute("Mobile")%> in b.jsp and c.jsp
  And in b.jsp have a link to c.jsp and so on. Once you set a session variable, it lives as long as your session doesnt expire.
  Try it. and also look for more session tracking examples online.
  Message was edited by:
  passion_for_java

• Session Tracking in Flex

  Hi All,
  I need a simple session tracking application. this
  application should include the following
  1) Each user should have a seperate session area where each
  user can store some info into it and retrive it.
  2) Know how many users have logged into the application.
  I come from j2ee background where these things are possible,
  so requiring the same for my application which involves multi user
  environment.
  If not the application some part of code/ ideas will be higly
  appreciated.
  Thanks in Advance to all,
  Vijay Karthik

  Hi Avinash,
  Put a status variable in the ModelLocator class(If you are using any Model class where your data can be accessed globally through out the application).
  Once the user is authenticated and logged in successfuly update the status of the variable and you can authorize based on this status variable whether
  the user is authorized to see the pages or not...
  Thanks,
  Bhasker Chari

• Always use URL Rewriting for session tracking?

  All you JSP guru:
  I am working on a JSP project that requires session tracking. I have successfully implements session tracking with both cookies or URL rewriting. I know that with the HttpSession object, it will always try to use cookie first, if that's disabled, then it'll automatically switch to URL rewriting. However, is there a way to force the HttpSession object to ALWAYS use URL rewriting instead of cookies? I have searched for an answer for a long time and haven't been able to found a solution. Is it possible at all? Thank you very much.

  i was going to say that WebSphere always uses URL rewriting if you enable it at all, but someone beat me to it (indirectly) :-)
  however, that seemed to me to be a violation of the spec, which seemed to imply the behaviour you're describing (only use URL rewriting if cookies are not supported on the current client)
  here's a response someone else made on a websphere newsgroup to a statement in that regard:
  I believe you are technically correct. However from my
  experience, I think the spec if flawed in this area since
  there is no reliable way of determining whether the
  client browser supports cookies. The authority on
  cookies (www.cookiecentral.com) says:
  "To properly detect if a cookie is being accepted via
  the server, the cookie needs to be set on one HTTP
  request and read back in another. This cannot be
  accomplished within 1 request."
  This is asking too much of a servlet engine
  implementation. Even if it did submit a request for this
  purpose, the user could refuse the cookie. So
  then technically the browser supports cookies, but the
  servlet engine infers it doesn't. So if the servlet engine
  infers the browser does not support cookies and so
  encodes the URL, it is again out of spec because the
  browser really does support cookies. By doing it
  however encoding is configured makes things simpler,
  robust, consistent and avoids the flaw.
  My opinion.so, mostly i'm just rambling, but if you're using websphere, you should get the behaviour your boss wants. if you're using something else, i suppose there's a chance it'll "violate" the spec in this same, potentially helpful way.
  btw, i remember somebody else complaining that URL rewriting is less secure than cookies, but i kinda think they're about equal. it seems like either could be intercepted by a sniffer and then used to spoof. but i'm no expert in that stuff...

• Similar to multiple x sessions

  I know that on linux you can initiate multiple x sessions so that when you connect to the computer using VNC and use the mouse and keyboard without interfering with what the user on the computer does.
  Is there some way to start a new session on the mac and do that same thing?

  TL;DR version - not really.
  Long winded version...
  Much of the apple magic in making X11 work within the Cocoa on top of Aqua on top of Quartz/OpenGL/QuickTime stack makes this really hard to do.
  Have you looked over Xnest - it's really powerful and can act as a server and a client. If remote boxes are ssh into the mac and using the multiple displays set up under Xnest your local display would be cluttered but one mac could support many remote machines with X11 services.
  See these links for some good reading on the subject:
  [Fun with Xnest HowTo|http://box.matto.nl/xnest.html]
  [X11 for Mac OS X|http://www.scl.utah.edu/computers/mac/help/x11>
  The only time I've seen this actually deployed, xnest was ditched after a few days of pain. Instead, a beefy Mac Pro with RAM/CPU to spare was set up with VMWare fusion and a virtual machine per user with linux/freeBSD installed. Then X11 could roam there free of "the dictator" known as Quartz Compositor.