?
Solved

How JSESSIONID is created

Posted on 2007-10-17
7
Medium Priority
?
1,443 Views
Last Modified: 2013-11-23
Hi Guys

I would like to find out how JSESSIONID is actually created. Also is it unique everytime it is craeted. I tried logging in an application with a userid and note down the JSESSIONID. After logging out I logged in again using a different login information but the JSESSIONID remained the same. Would anyone know how I can make them unique to a particular user if that is possible.

Thanks
0
Comment
Question by:huzefaq
  • 3
  • 2
  • 2
7 Comments
 
LVL 86

Expert Comment

by:CEHJ
ID: 20095609
>>After logging out I logged in again using a different login information but the JSESSIONID remained the same.

That sounds very strange. Can you reproduce it?
0
 

Author Comment

by:huzefaq
ID: 20096364
yes I acn reproduce it. Does this happen because I am using the same browser.
Also is there a way that at the login time I can make sure that a new JSessionID is produced

Thanks

0
 
LVL 86

Expert Comment

by:CEHJ
ID: 20096397
Are you in control of the web app?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:huzefaq
ID: 20096496
yes I am testing this in my local was server
0
 
LVL 86

Assisted Solution

by:CEHJ
CEHJ earned 400 total points
ID: 20096595
The following shows how the session can be managed

http://www.informit.com/articles/article.aspx?p=332851&seqNum=4&rl=1
0
 
LVL 92

Assisted Solution

by:objects
objects earned 1600 total points
ID: 20099178
sounds like u maybe have a problem with logging out, or a caching problem.
check when you logout that the session is getting invalidated.

(yes it will be different for a different session)
0
 
LVL 92

Accepted Solution

by:
objects earned 1600 total points
ID: 20099185
> Also is there a way that at the login time I can make sure that a new JSessionID is produced

u don't need to. You should though be invalidating the existing session before logging in.
In fact you don't need to concern yourself at all with jsessionid


HttpSession session = request.getSession(false);
if(session!=null) {
   session.invalidate();
}
session = request.getSession(true);
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article is the first of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article explains our test automation goals. Then rationale is given for the tools we use to a…
Java functions are among the best things for programmers to work with as Java sites can be very easy to read and prepare. Java especially simplifies many processes in the coding industry as it helps integrate many forms of technology and different d…
Viewers will learn about the different types of variables in Java and how to declare them. Decide the type of variable desired: Put the keyword corresponding to the type of variable in front of the variable name: Use the equal sign to assign a v…
Viewers will learn about basic arrays, how to declare them, and how to use them. Introduction and definition: Declare an array and cover the syntax of declaring them: Initialize every index in the created array: Example/Features of a basic arr…
Suggested Courses
Course of the Month13 days, 12 hours left to enroll

755 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question