tags:

views:

775

answers:

1
Q: 

window.open() clears session

Hi,

I have several portlets in my application. If I open a url using window.open() method, the session id changes and causes an error in other portlets. If I don't open this url, everything works fine. But once this new window is opened, the session is cleared and the rest of the portlets throws an exception since some values are missing. In the address bar of the browser I typed in javascript:alert(document.cookie); to see the JSESSIONID. It remains constant throughout the page and changes when I click the link that launches a new url in new window. I used IE8.

Any suggestions to maintain the session state in IE would be greatly appreciated.

A: 

What URL are you passing to window.open()? An easy way to get IE 8 to maintain the JSESSIONID in the popup would be to use a relative URL in the call to window.open() in the portlet markup. The critical thing is that the domain name remain exactly the same. Here's an example of a button with window.open() in the onclick event:

<button onclick="javascript:window.open('/wps/portal')">Home Page</button>

I'm using Websphere Portal, so '/wps/portal' just links to the home page.

Also, what do you intend to be the target of the popup window? A different portal page with the same session?

Update: Given that the target of the window.open() is an independent web application hosted on the same domain...

The portal server and the application server hosting the web application have independent sessions, but they both use a cookie called JSESSIONID by default. The first time you access the web application, the application server overwrites the portal's cookie, causing every subsequent request to the portal to have the wrong session id. When this happened to me, my solution was to configure the portal to name its session cookie something else (e.g. PORTALSESSIONID) so the two do not conflict.

cc1001  2009-11-08 22:26:52
Thanks for the response... I'm passing the complete url as a parameter to the open() method, but the domain name is exactly the same as of the parent. I'll try your suggestion also. The target is not a portal page, but a different web application hosted under the same domain, for example if the main domain is example.com, I open example.com/app/index.jsp
whoopy_whale  2009-11-10 04:40:27
I think there may be a naming conflict with the JSESSIONID cookie. I've updated this answer with some additional details.
cc1001  2009-11-10 16:23:17

related questions

html form not working with select list in IE8 (IE7 Compatability)
Should I be developing for Internet Explorer 8?
Running IE6, IE7, and IE8 on the same machine
Inspect in IFrame in IE8 Developer Tools?
Fade In/Out and create/hide <DIV> with javascript
Designing web site for Explorer 8
What is the source of /path/(null) requests?
IE8 shows "Internet Explorer cannot display the webpage"
IE & Drop Down Menus triggering the Pop-Up Blocker
Error on IE8 initialisation (ordinal 650 not founded in iertutil.dll)
How do I make Standards mode work as well as quirks mode?
How do you feel about including ie7.js or ie8.js in your page?
How do I reduce the flicker in IE on postback?
What are the most likely causes of Javascript errors in IE8?
Really strange IE 8 Beta 2 behaviour
Does Internet Explorer 8 support HTML 5?
$.getJSON returning cached data in IE8
Internet Explorer 8 and CSS
IE8 loses cookies when opening a new window after a redirect
Will targeting IE8 with conditional comments work?
Internet Explorer 8 and IE 6 side by side
Internet Explorer 8 beta 2 and Standards
Visual Studio 2008 / Web site problem
Is there any difference between the box models of IE8 and Firefox3?
IE8 overflow:auto with max-height