Session variable being overidden!!!

Experts,

I have a this session problem, the session variable being overidden. Let me briefly explain, lets say I login into page A and the session variable is set to "A". Then I open another browser and I login to page A again and the session variable sets it to "B". This value "B" overides the first session variable. Why ???? I am using netscape navigator as my browser and the web server is netscape enterprise 4, the application code is JSP.

I need help urgently. Thanks


Cheers
jason101799Asked:
Who is Participating?
 
objectsConnect With a Mentor Commented:
From the Enterprise server manual:

"Session objects maintain state and user identity across multiple page requests over the normally stateless HTTP protocol. A session persists for a specified time period, across more than one connection or page request from the user. A session usually corresponds to one user, who may visit a site many times. The server can maintain a session either by using cookies or by rewriting URLs. "
0
 
objectsCommented:
SOunds like it's the same session variable.
Can u give some more detail about what you're doing.
0
 
kotanCommented:
This is because you open 2 netscape browser in the same computer. Normally, it will overide the data received.
You can try to open 1 netscape and 1 IE in the same computer, I think it should be worked fine.
0
Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

 
jason101799Author Commented:
objects,

Okie, Let says I login the first time and I set Session variable "test" = "Malaysia" then I do a select statement to retrieves all information based on Malaysia. It works fine. Then I login again using another ID, this time the session variable "test" is set to "Australia" then I do a select statement and all the data ties to Australia is returned. Unfortunately, when I click on the first browser which its session variable assign as "Malaysia" was overwritten by the second browser session variable as "Australia".

Why it happens on Netscape but not IE. I have worked on IIS and I have never come across such issue. Can u guyz advice?

Cheers
0
 
tomboshellCommented:
It is the same browser on the same machine, with two instances of that browser accessing the same server at basically similar times.  I would say that the two instances of the browser is seen as the same thing, or same connection.  I wouldn't think that there is an easy work-around, but I am interested in hearing if there is one.

Tom
0
 
jason101799Author Commented:
Tomb,

I thought each session should be unique and the web server should be able to identify which session requested this page and return the value accrodingly. IIS do not have this issue. I wonder why???


Cheers
0
 
jason101799Author Commented:
objects,

I am lost, please enlighten.


Cheers
0
 
objectsCommented:
That's how it's behaving isn't it.

0
 
jason101799Author Commented:
Objects,

Is there a way I can control this situation??? I am in a dilemma. Perhaps you can suggest a better solution.


Cheers
0
 
objectsCommented:
Hmm, enterprise server allows you to write your own session manager but that's probably a bit of an overkill.

If you can differentiate between the two instances then you could provide some prefix (or suffix) to your session variable names.

test.1 = "Australia"
test.2 = "Malaysia"


0
 
jason101799Author Commented:
Object,

Actually this session is a common session and every user that logs in will be accessing the same variable. This session variable will be used through out the application. Perhaps you can advice on creating a unique sessions for each login.

Thanks in advance.

Cheers
Jason
0
 
objectsCommented:
I'm confused, your problem is that one page is overriding a variable from another page (same session).
But then you say that every user that logs in will be accessing the same variable, so naturally the value is getting overwritten.
So do you need to maintain a different version of 'test' for every user, or every window, or what?


0
 
jason101799Author Commented:
Objects,

Let me clarify, there is a common page whereby every user will access it. Lets say "login.jsp", in this page once a user has been verified, I will assign the country code to a session variable "test". Lets say I open another browser on the same PC, I login as a different user and accessing the same page "login.jsp". Once successful, I assign a different country code to the session variable "test"(because it's a different user). But the second value in the second browser overides the first value stored in the same session variable earlier(first browser).

I hope this clarify the ambiguity that u had. Can u suggest any idea??

Cheers
Jason

0
 
objectsCommented:
Different users getting the same session, don't like that.

WHat not append the username to the the 'test' variable name:

test.john="oz"
test.bob="png"
0
 
jason101799Author Commented:
Objects,

If I append the username to the session variable, how am I to get this value from another page or should I say how am I suppose to recognise that which session variable I need to take it's value?

In page "select.jsp" I will select the data based on the user country code. ("Select * from country where ctry_id = session("test")") My question is how can I tell browser a to use test.john and browser b to use test.bob .Both browser will be accessing page "select.jsp"

Any idea?

Cheers
Jason
0
 
objectsCommented:
Is the user name available to you?
0
 
jason101799Author Commented:
Object,

I can use the user ID and make it unique.

Cheers

0
 
objectsCommented:
The following reference may help, it recomends using URLRewriting instead of cookies to pass the session id:

http://www.jguru.com/faq/view.jsp?EID=142445

0
 
jason101799Author Commented:
Obj,

I have tried that, but it's giving a funny problem. If you are using URLRewritting, I have to disable the cookies first, which I think it's difficult because it's on the client site. Maybe I used the wrong methods of writting, do you have any idea to fix it in URLRewritting?

Cheers
Jason
0
 
objectsCommented:
I don't think you actually can :(
But it does make it a bit clearer regards what's going on, and that always make finding a solution a little easier.
0
 
jason101799Author Commented:
Obj,

If you come up with a solutions please feel free to drop me a word or two. I will be grateful, in the meantime I hope others can contribute is they have any ideas.


Cheers
Jason
0
 
objectsCommented:
It's really up to you, the facts are that two browser window share the same set of cookies and so share session id's.
So if you need to support different users logging in from the same browser at the same time then you'll need to implement something along the lines that I mentioned above (append userid to variable name).
Other options are ignoring cookies which appears platform dependant, or don't allow concurrent logins from one browser by different users.

It's up to u.
Sorry I couldn't be more help :(
0
 
jason101799Author Commented:
Obj,

How can I detect that a particular user has access this page "login.jsp" and when he/she tries to open another browser pointing to "login.jsp" I will prompt them to close one browser only.


Cheers
0
 
objectsCommented:
Can u maintain the currently logged in userid in a session variable.
0
 
jason101799Author Commented:
Objects,

If I append it to a Session variable, lets say "test.John", it should not be a problem.My main concern will be how do I differentiate which session variable I should use when two user login from two different browser?



Ex:
After UserID "one" login through browser "A", I set the session variable "test.one" to "Malaysia".I do a select statement to retrieve  all data based on "Malaysia".

Then another USerID login as "two" through browser "B", I set the session variable "test.two" to "Australia". AT this stage how can my select statement detects which session variable to be used as the where clause?

My select statement: "Select * from country where country_cd = '" + Session("variable") + "'"

The variable for the session cannot be distinguish between the two browser. The two browser will not know which to choose unless I can specify it.

Cheers
Jason
0
 
objectsCommented:
Can you do something like:?

"Select * from country where
country_cd = '" + Session("variable"+userid) + "'"

Or can you set a variable when someone logs in, and clear it when they logout:

"currentlogin"=userid

And then when someone logs in, check if if sets and performa suitable action.
0
 
jason101799Author Commented:
Obj,

Setting the variable is not a problem, but getting the select statement to recognise which session variable to choose from will be a headache.

As I mentioned earlier , the select statement will be used by any user but the where clause depends on the user id. How can I differentiate User One and User Two??

"Select * from country where country_cd = '" + Session("test.john") + "'" or "Select * from country where country_cd = '" + Session("test.mary") + "'" ??. Object, at this stage I can't tell the select statement to choose which session variable because there are two user logging in. Any idea?

Cheers
Jason
0
 
jason101799Author Commented:
Obj,

Setting the variable is not a problem, but getting the select statement to recognise which session variable to choose from will be a headache.

As I mentioned earlier , the select statement will be used by any user but the where clause depends on the user id. How can I differentiate User One and User Two??

"Select * from country where country_cd = '" + Session("test.john") + "'" or "Select * from country where country_cd = '" + Session("test.mary") + "'" ??. Object, at this stage I can't tell the select statement to choose which session variable because there are two user logging in. Any idea?

Cheers
Jason
0
 
jason101799Author Commented:
Obj,

Setting the variable is not a problem, but getting the select statement to recognise which session variable to choose from will be a headache.

As I mentioned earlier , the select statement will be used by any user but the where clause depends on the user id. How can I differentiate User One and User Two??

"Select * from country where country_cd = '" + Session("test.john") + "'" or "Select * from country where country_cd = '" + Session("test.mary") + "'" ??. Object, at this stage I can't tell the select statement to choose which session variable because there are two user logging in. Any idea?

Cheers
Jason
0
 
objectsCommented:
Is it possible to post or email the jsp page.
Be easier to work out a solution if we're both looking at the same thing.
0
 
jason101799Author Commented:
Ok, let me email it to u. Whats ur email address?
0
 
objectsCommented:
Its on my profile.
0
 
objectsCommented:
You could use something along these lines in verify.jsp to check if someone is already logged in.  Another option would be not show the login screen if "user_id" already exists in the session, forcing them to first logout the session.


String current_user = (String)session.getValue("user_id");
if (current_user!=null)
{
   // Someone is already logged in using this session

   if (current_user.equals(userid))
   {
     // same user
   }
   else
   {
      // different user
   }
}
else
{
   // Proceed as normal
}

0
 
jason101799Author Commented:
Object,

The unique key in my user table will be "userid" and "country_cd". I can assign same userid but different country code.

The mehtod that you advice is mainly to check for userid, but my concern will be the assignment of country_code for that user. Once log in successful, I will check the user's country code and assign to a session variable. I will do my select statement base on this session variable that stores the country code.

How can I abandon all the session if I click logout?? (JSP)

Cheers
0
 
objectsCommented:
> How can I abandon all the session if I click logout?? (JSP)

You'd just need to remove userid from the session. That way next time they tried to login it they would be allowed.
0
 
NetminderCommented:
jason@lc,

These questions are still open. Please resolve them appropriately as soon as possible. Continued disregard of your open questions will result in the force/acceptance of a comment as an answer; other actions affecting your account may also be taken. I will revisit these questions in approximately seven (7) days.

http://experts-exchange.com/jsp/qShow.jsp?ta=win2k&qid=20167319
http://experts-exchange.com/jsp/qShow.jsp?ta=java&qid=20153401
http://experts-exchange.com/jsp/qShow.jsp?ta=java&qid=20151128
http://experts-exchange.com/jsp/qShow.jsp?ta=java&qid=20146743
http://experts-exchange.com/jsp/qShow.jsp?ta=javascript&qid=20150594
http://experts-exchange.com/jsp/qShow.jsp?ta=visualbasic&qid=20245522
http://experts-exchange.com/jsp/qShow.jsp?ta=asp&qid=20239352
http://experts-exchange.com/jsp/qShow.jsp?ta=asp&qid=20166221
http://experts-exchange.com/jsp/qShow.jsp?ta=xml&qid=20243323
http://experts-exchange.com/jsp/qShow.jsp?ta=exchangesvr&qid=20240796

EXPERTS: Please leave your thoughts on this question here.

Thanks,

Netminder
Community Support Moderator
Experts Exchange
0
 
NetminderCommented:
Admin notified of User neglect. Force-accepted by
Netminder
Community Support Moderator
Experts Exchange
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.