Solved

HELP!!!  PLEASE!!!  Ajax calls create new session when I don't want it to.

Posted on 2013-05-13
8
1,495 Views
Last Modified: 2013-07-13
Good afternoon all,

I have been stuck on a problem for a long time and I am hoping that somebody here has a solution for me.  I am building a web application using java with jquery and ajax.  Due to security reasons, things beyond my control, access to my application has to be forwarded from appache via https to a secure port on tomcat.  My problem is that each time an ajax call is made it is creating new sessions instead of finding the one that was created during the login.  During the execution of an application there could be as many as 20 sessions created.  How do I fix this problem?  Is there a way to force ajax to stop creating new sessions?  I am desperate.
0
Comment
Question by:Amzngmoe
8 Comments
 
LVL 86

Expert Comment

by:CEHJ
ID: 39162992
0
 
LVL 27

Expert Comment

by:mrcoffee365
ID: 39163386
Ajax requests to the server should not be making new tomcat sessions.  There are some circumstances where new sessions are created when requests are made.  If you don't return the cookie (which ajax should do by default -- but are these different domains?) -- then each connection will make a new session.  If you have to log in every time, then each login will make a new session.  There are some flags to give tomcat which can prevent some of this, but you need to be careful.  

So perhaps there is something wrong with how your Ajax requests are being made.  If you can give more description of the problem, we're more likely to be able to help.
0
 
LVL 26

Expert Comment

by:dpearson
ID: 39163524
It sounds to me like the apache server may not be forwarding the cookies in the request to Tomcat - so Tomcat sees each request as new and creates a new session.

I'd suggest investigating the headers that are received by apache and comparing them to the headers being received by Tomcat on the request.  If the cookies are indeed being dropped then you would need to fix this in the way Apache is forwarding the requests.

Doug
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 16

Accepted Solution

by:
Valeri earned 500 total points
ID: 39163781
"Due to security reasons, things beyond my control, access to my application has to be forwarded from appache via https to a secure port on tomcat."
Does this mean that it's a crossdomain request?! If it is, then you have to add this to your ajax request:

xhrFields: { withCredentials: true }

NOTE: "In jQuery 1.5, the withCredentials property was not propagated to the native XHR and thus CORS requests requiring it would ignore this flag. For this reason, we recommend using jQuery 1.5.1+ should you require the use of it."
0
 

Author Comment

by:Amzngmoe
ID: 39165332
Yes it is a cross domain request.  I will try all of your suggestion.  Thank you so much.
0
 

Author Comment

by:Amzngmoe
ID: 39168464
This solved my problem and I am eternally grateful for the help.  Thank you so much.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
web application structure 18 77
Java exception bubble up 2 18
throw exception 21 44
Selenium docs api java index 3 15
Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
In this post we will learn how to connect and configure Android Device (Smartphone etc.) with Android Studio. After that we will run a simple Hello World Program.
This tutorial covers a practical example of lazy loading technique and early loading technique in a Singleton Design Pattern.
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question