Link to home
Start Free TrialLog in
Avatar of sethupathi
sethupathi

asked on

one site ,open two browser with two accounts ,interchanging the data ,how to avoid this?

Hi,
I've a problem with my https site,if two users opened in the two different browser windows in the same machine the second entered data got over ridden with older one,i am setting a secure cookie in my servlet because i 've to have cookie,how we can avoid the second user will not get the first users data?Right now i put a check in the Login servlet to check whether it has any cookie ,force the user to close the browser and open a new one,the need is we want both the users will be alive with their data.
if you need more info please let me know.
Thx
sethu
Avatar of sethupathi
sethupathi

ASKER

This is some what difficult situation so its really appreciated if i get answer.
How can two different users open two different browsers on the same machine at the same time?

Maybe I don't understand your question properly...
ok. one user has two accounts with my site ,he opened one window with his first username,open the second window and log in with second username ,now if goes back to first window and try to go some other link he is getting the second user name's information ,the cookie which was set to the first one was over ridden with second one,the question is how we can keep the same cookie for each user?here i am setting only tmp cookie once the browser closed the cookie will be gone,now you go thru the first mail probably will give you good understanding.
if you need some more let me know
Thanks for immeadiate response, i've a hope once i was got back by you.
Thanks
sethu
Avatar of girionis
> How can two different users open two different browsers on the same machine at the same time?

  Exactly!!!
 How are you setting the cookies? Does each cookie contains unique information or do you have the same information in both cookies?
There is only one instance of servlet class regardless of number of connected users.

When your firts user connect you, probably, store some of his data in Login servlet object data. When second user connects, the same Login servlet object instance is used. Therefore, the second user will see first user's data.

If you need to store some user's data for future use you can store it in corresponding HttpSession object:

session.setAttribute(java.lang.String name,
                     java.lang.Object value)

You can use session.getAttribute(java.lang.String name) method to get this data later.
Can you (a) set the cookie filename?  Or (b) the location of the cookie file?  If either of those are possible, you can do (a) set the cookie to be username.txt, or (b) <cookiePath>/username/cookie.txt

-Mark.
ASKER CERTIFIED SOLUTION
Avatar of Mick Barry
Mick Barry
Flag of Australia image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Since you are setting the cookies yourself, wide_awake has suggested a good solution.

Listening...
 I do not think there is a need to set the cookie filename, just set different unique information in the cookie. Username would do. Then check all the cookies the browser returns with each request against the username of the user logged in.
If the cookies from the site always had the same filename, you'd end up with the same problem.  When the 2nd user logged in, it'd overwrite the first user's cookie, then both users would be pointing to the same data (2nd user's).

Different filenames are a good way to encapsulate all the info.
 The cookie always has the name you give it therefore if you give it different name (lets say the username in our case) then you can distinguish between cookies since you will only look for the cookie that its name matches the username of the user logged in.
sethupathi:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:

Accept objects' comment as answer.

Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

jimmack
EE Cleanup Volunteer