Session Problem

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • samirgulhane
    New Member
    • Dec 2007
    • 4
    #1

    Session Problem

    Hi,
    We have developed an application.We are using launcher(Full screen window) to open it(just to prevent a user to type any action in the url)
    Now i opened two session windows with two different User Profiles using launchers.Now when i login into the second window using 2nd user profile it ovverrides the session of the first user profile.
    The same work done on both sessions will cross over to the other session, invalidating security.
    Can anyone tell me the solution for this?
    Tags: None
    • r035198x
      MVP
      • Sep 2006
      • 13225
      #2
      Originally posted by samirgulhane
      Hi,
      We have developed an application.We are using launcher(Full screen window) to open it(just to prevent a user to type any action in the url)
      Now i opened two session windows with two different User Profiles using launchers.Now when i login into the second window using 2nd user profile it ovverrides the session of the first user profile.
      The same work done on both sessions will cross over to the other session, invalidating security.
      Can anyone tell me the solution for this?
      Perhaps if you can give a few more details. I take it this is a web application developed using JSPs and servlets? What kind of "launcher" are you using?

        Comment

        • samirgulhane
          New Member
          • Dec 2007
          • 4
          #3
          Originally posted by r035198x
          Perhaps if you can give a few more details. I take it this is a web application developed using JSPs and servlets? What kind of "launcher" are you using?



          Yes this is a web application developed using struts framework,JSP's and servelets. We really only use this window to run the javascript to open the application window.

          This is the source code for that launcher:-

          [HTML]<HTML>
          <HEAD>
          <title>Launchin g APP Prototype...</title>
          <script language="javas cript">
          window.opener = self;
          window.close();
          wd = 1024;
          ht = 740;
          var sizestring = ",width=" + (wd - 10) + ",height=" + (ht - 50);
          // Create a unique name for the new window (so that multiple instances of application can be opened)
          var timestring = new Date();
          timestring = "APP" + timestring.getT ime();
          // Open application window- substitute URL as required for different environments
          var newwin = window.open('ht tp://localhost:9080/App/', timestring,'too lbar=no,status= yes,scrollbars= yes,location=no ,menubar=no,dir ectories=no,res izable=yes,left =0,top=0' + sizestring);

          </script>
          </HEAD>
          <body>
          Launching APP Prototype...
          </body>
          </HTML>[/HTML]
          Last edited by gits; Dec 20 '07, 07:54 PM. Reason: added code tags

            Comment

            • acoder
              Recognized Expert MVP
              • Nov 2006
              • 16032
              #4
              Originally posted by samirgulhane
              We are using launcher(Full screen window) to open it(just to prevent a user to type any action in the url)
              For the session problem, you already have a thread in the Java forum. You're trying to open a full screen window to prevent a user typing something in the URL. For any user who knows a bit of JavaScript, this will be easy to bypass.

                Comment

                Previous template Next
                Working...