You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Vincent <vi...@gmail.com> on 2006/02/23 12:33:34 UTC
session id
I found out that if two windows have same session id ( use ctrl + n to
create a new one), one window operate with affect the other ones , is
there any thing I can do to prevent?
Re: session id
Posted by Vincent <vi...@gmail.com>.
When using the seperate window , I don't find any concurrency problems
, but if I use Ctrl+N in IE , this problem appears, and I have tried
the properties in Tapestry 3 , but still got concurrency , any idea?
On 2/23/06, James Carman <ja...@carmanconsulting.com> wrote:
> Well, you can use @Persist("client") to store your page state. That way,
> when the page submits its request, it's actually sending the state along
> with the request. So, even if you Ctrl-N in IE (or Ctrl-T in Firefox), the
> separate windows will be sending their state independently of one another.
>
> Or, you could use a transaction token (a la Struts) to keep things in synch.
> If one page submits a token that doesn't match what's stored in your session
> (create an ASO to store the token), then you inform them that they're trying
> to do something illegal (i.e. using the site from multiple windows at the
> same time).
>
> -----Original Message-----
> From: Vincent [mailto:vincent82@gmail.com]
> Sent: Thursday, February 23, 2006 8:04 AM
> To: Tapestry users
> Subject: Re: session id
>
> Sorry James , can you tell me more details, I don't quite understand
> what do you mean.
>
> On 2/23/06, James Carman <ja...@carmanconsulting.com> wrote:
> > Use hidden form fields to control the state of your application.
> >
> > -----Original Message-----
> > From: Vincent [mailto:vincent82@gmail.com]
> > Sent: Thursday, February 23, 2006 6:34 AM
> > To: Tapestry users
> > Subject: session id
> >
> > I found out that if two windows have same session id ( use ctrl + n to
> > create a new one), one window operate with affect the other ones , is
> > there any thing I can do to prevent?
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
> >
> >
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>
>
RE: session id
Posted by James Carman <ja...@carmanconsulting.com>.
Well, you can use @Persist("client") to store your page state. That way,
when the page submits its request, it's actually sending the state along
with the request. So, even if you Ctrl-N in IE (or Ctrl-T in Firefox), the
separate windows will be sending their state independently of one another.
Or, you could use a transaction token (a la Struts) to keep things in synch.
If one page submits a token that doesn't match what's stored in your session
(create an ASO to store the token), then you inform them that they're trying
to do something illegal (i.e. using the site from multiple windows at the
same time).
-----Original Message-----
From: Vincent [mailto:vincent82@gmail.com]
Sent: Thursday, February 23, 2006 8:04 AM
To: Tapestry users
Subject: Re: session id
Sorry James , can you tell me more details, I don't quite understand
what do you mean.
On 2/23/06, James Carman <ja...@carmanconsulting.com> wrote:
> Use hidden form fields to control the state of your application.
>
> -----Original Message-----
> From: Vincent [mailto:vincent82@gmail.com]
> Sent: Thursday, February 23, 2006 6:34 AM
> To: Tapestry users
> Subject: session id
>
> I found out that if two windows have same session id ( use ctrl + n to
> create a new one), one window operate with affect the other ones , is
> there any thing I can do to prevent?
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
Re: session id
Posted by Vincent <vi...@gmail.com>.
Sorry James , can you tell me more details, I don't quite understand
what do you mean.
On 2/23/06, James Carman <ja...@carmanconsulting.com> wrote:
> Use hidden form fields to control the state of your application.
>
> -----Original Message-----
> From: Vincent [mailto:vincent82@gmail.com]
> Sent: Thursday, February 23, 2006 6:34 AM
> To: Tapestry users
> Subject: session id
>
> I found out that if two windows have same session id ( use ctrl + n to
> create a new one), one window operate with affect the other ones , is
> there any thing I can do to prevent?
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>
>
RE: session id
Posted by James Carman <ja...@carmanconsulting.com>.
Use hidden form fields to control the state of your application.
-----Original Message-----
From: Vincent [mailto:vincent82@gmail.com]
Sent: Thursday, February 23, 2006 6:34 AM
To: Tapestry users
Subject: session id
I found out that if two windows have same session id ( use ctrl + n to
create a new one), one window operate with affect the other ones , is
there any thing I can do to prevent?
---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org