Topic: Same session id returned for 2 different concurrent login

Same session id returned for 2 different concurrent login

1 posts in topic

Flat View

Thread View

Older Post First | Reply to Topic

TOPIC ACTIONS:

Print Topic

Posted By: Anonymous
Posted On: Monday, November 12, 2001 10:26 PM

Hi, I'm using iPlanet Web Server, Fasttrack edition. The web server returned the same session id when I login to 2 user accounts (a web application) using the same browser type on the same machine. For example, - login as User A using IE5 on computer A - login as User B using IE5 also on computer A. Since the web server is returning the same session id, the profile of User A is being overwritten by profile of User B. This does not happen when, 1. - login as User A using IE5 on computer A - login as User B using Netscape on computer A or 2. - login as User A using IE5/Netscape on computer A - login as User B using IE5/Netscape on co More>>

Report | Quote This | Send private message | Reply | Print

Re: Same session id returned for 2 different concurrent login

Posted By: Naveed_Azhar
Posted On: Monday, November 12, 2001 10:51 PM

Hi there

When a user login, your application should work like this

put the code to invalidate the session ( session.invalidate() )
create a new session then login another user?
store user information in new session.

In fact, in IE if a user works in the same window ( or create another window using Ctrl+N , File/New Window ) same session is retained. But if a user open a separate window from the shortcut on desktop it is a new application so is a new session.
Please also read some information about choice in toolbar menu "ToolsInternet OptionsSecurityCustome levelCookies"

naveed@hotmail.com

Report | Quote This | Send private message | Reply | Print