Is it possible to have sessions with in Web Session.

views:

answers:

Is it possible to have sessions with in Web Session.

Hi,

I am developing an application where I need to support multiple instances of browser on same machine but with different user logins ! As far as if we open two different IE process instances, there will be different sessions on server side but same is not the case for Firefox (correct me if I am wrong). So is there any way I can somehow link the login specific information with every HTTP requests (GET / POST) going to web server. I am exploring URL rewriting / cookie but not getting proper idea.

Please share your ideas/views.

Thanks,

Jatan

EDIT: On second thought I think you are going to have to dynamically change all of your links to include a session id in the variables.

More Analysis:

This was going in a comment, then got too long.

I suppose that you could do it with one session and cookies, as is traditional. When the user logs in a second time you record it as the "2" set or some generic identifier. Then use urls like (I only know php well) "...index.php?user=2". Then when the user follows a link it can be correlated withe the data on hand. That way the session id's stay out of the urls, and you only need one session for each user.

One more idea: Since its the same real life person it may be possible to have a dropdown at the top of the page:"Execute action as: ".

Phil 2009-02-08 08:34:04

Yes, correct. But the problem is I want to do it organized way so that I would not have to run after each and every link to put sessionid / uniqueid. Something like I can customize encodeURL method !

jatanp 2009-02-08 08:40:04

Thanks Phil for your suggestions. I am using Java so I was wondering if I can change the behavior of encodeURL method somehow to piggyback my information along with all the URLs (so I need not go to every URL for change)

jatanp 2009-02-08 08:59:33

+1 A:

Whilst this is possible by passing around some kind of token in all the URLs that are used within the application, it will be very fragile.

You really, really need to go back to those who sponsor the requirement and let them know that this particular requirement is very expensive, do they really want to proceed?

AnthonyWJones 2009-02-08 08:44:44

I thought same as you. Therefore I am pondering on this issue and asked for your ideas / advices. Let's see what other guys have to say about this.

jatanp 2009-02-08 08:47:38

+1 Plus URL rewriting has all sorts of annoying consequences like you can't just go to http://mysite.com/myaccount because your session isn't identified.

cletus 2009-02-08 10:52:39

If you're using NT authentication, it will automatically work. Users will have to start IE or FireFox with "Run as user".

With Forms authentication, one idea is to make it really easy for people to switch users with a combobox. Use the session object to remember which users the session can switch to.

Another option is to change the authentication system. Allow users to accomplish both roles with a single new role.

Yet another option is to tell your users to run different IE instances, which will support different form logins by default. Or one firefox and one IE.

I'd refuse to go the way of dynamic links or session id. That can't be worth the effort.

Andomar 2009-02-08 09:24:30

ansaurus

tags:

views:

answers:

Is it possible to have sessions with in Web Session.

related questions