|
Home > Archive > WebSphere Application Server > December 2005 > strange session behavior
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
strange session behavior
|
|
|
| I'm running WAS 5.1.1 base product.
Whenever I login to my application, that is, start a session. My Admin console
declares my current admin session invalid and whenever I login back into
the admin console my application session is closed and I have to log back in.
Is this the expected behavior.
| |
| Ken Hygh 2005-12-15, 6:06 pm |
| robert.hastings@stellent.com wrote:
>I'm running WAS 5.1.1 base product.
>
>Whenever I login to my application, that is, start a session. My Admin console
>declares my current admin session invalid and whenever I login back into
>the admin console my application session is closed and I have to log back in.
>
>Is this the expected behavior.
>
>
>
>
I bet you're using Mozilla, right?
Ken
| |
|
| That's right. I'm using FireFox.
| |
|
| I just checked I'm getting the same results with Internet
Explorer.
| |
| Ken Hygh 2005-12-15, 6:06 pm |
| robert.hastings@stellent.com wrote:
>I just checked I'm getting the same results with Internet
>Explorer.
>
>
I hadn't gotten this with IE.
It appears to be a difference of opinion on interpreting the HTTP spec
around cookies. Take 2 urls:
http://localhost/foo/bar
and
http:/localhost:9060/admin
According to the spec, cookies are supposed to be resent back to any URL
on the same host. My testing with IE & Mozilla - a few years ago -
resulted in IE treating these as separate hosts, and keeping the cookies
separate, while Mozilla treated these as identical and used a single set
of cookies.
So with Mozilla, if I:
1) view admin console page [get a session cookie]
2) view application page [generate a different session cookie, because
the first isn't found in the application session space, so a new one is
created]
3) view admin console page [now the admin console application doesn't
find the session cookie, so generates a new one, and re-logs you in].
Note that with IE, using separate browser windows, you get the desired
results, because each window runs in its own process. With Mozilla, they
all share the same process, and all browser windows use the same cookie
namespace.
I found this by using TCPMonitor and watching the HTTP traffic.
So, bottom line is, there's nothing that can be done from the WebSphere
side. When I need to do this, I typically do something like
http://my.real.machine.name/foo/bar
and
http://localhost:9060/admin
Ken
| |
|
| Thanks for the tip I'll try it out.
|
|
|
|
|