Same session id returned for 2 different concurrent login
1 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   Anonymous
Posted On:   Monday, November 12, 2001 10:26 PM

Hi, I'm using iPlanet Web Server, Fasttrack edition. The web server returned the same session id when I login to 2 user accounts (a web application) using the same browser type on the same machine. For example, - login as User A using IE5 on computer A - login as User B using IE5 also on computer A. Since the web server is returning the same session id, the profile of User A is being overwritten by profile of User B. This does not happen when, 1. - login as User A using IE5 on computer A - login as User B using Netscape on computer A or 2. - login as User A using IE5/Netscape on computer A - login as User B using IE5/Netscape on co   More>>

Hi,
I'm using iPlanet Web Server, Fasttrack edition. The web server returned the same session id when I login to 2 user accounts (a web application) using the same browser type on the same machine.

For example,
- login as User A using IE5 on computer
A

- login as User B using IE5 also on computer A.

Since the web server is returning the same session id, the profile of User A is being overwritten by profile of User B.

This does not happen when,
1. - login as User A using IE5 on computer A

- login as User B using Netscape on computer A

or

2. - login as User A using IE5/Netscape on computer A

- login as User B using IE5/Netscape on computer B


Please advise.

Thank you very much.

   <<Less

Re: Same session id returned for 2 different concurrent login

Posted By:   Naveed_Azhar  
Posted On:   Monday, November 12, 2001 10:51 PM

Hi there

When a user login, your application should work like this

  • put the code to invalidate the session ( session.invalidate() )
  • create a new session then login another user?
  • store user information in new session.

In fact, in IE if a user works in the same window ( or create another window using Ctrl+N , File/New Window ) same session is retained. But if a user open a separate window from the shortcut on desktop it is a new application so is a new session.
Please also read some information about choice in toolbar menu "ToolsInternet OptionsSecurityCustome levelCookies"

naveed@hotmail.com
About | Sitemap | Contact