This discussion is archived
2 Replies Latest reply: Feb 28, 2013 6:40 AM by user204068 RSS

Session sharing/reuse issues

apodictus Newbie
Currently Being Moderated
Hi,

I have multiple application set-up using session sharing within the workspace.
Technically all works fine, however it does not play nice with user behaviour.

Example:
Users logs into APP_ID:100. Since he isn't authenticated yet, he provides user/pass and the APP_SESSION is authenticated.
Now if the user switches using to another application (using a link provided in application 100) he gets redirect to APP_ID:101:APP_SESSION all is fine.
The session is already authenticated, the application shares the session and the user gains access to app 101 without having to authenticate again.
All's fine!

However users don't behave they way. Instead of using an easy link in the application. They will use their own bookmark or type in the url for app 101 manually.
That way the next application is either called with f?p=101:1:[SOME OLD SESSIONID FROM BOOMARK] or f?p=101 (with no further page or session info)
In both cases instead of using the already authenticated session apex spawns a new session, which of course isn't authenticated yet thus forcing the user to authenticate and come complaining they have to login again.

Similar behaviour problems exists when the user opens a browser and tries to open both applications in each in a tab next to each other.
Both tabs fetch there own initial session id and start writing it to the same cookie each in turn invalidating the other tab's session.
These can lead to some fanatic ping pong actions. Thus it's impossible to open 2 applications sharing session in the same browser.

Is there any remedy for these situations?
Can apex be as smart as for instance first trying to resume the session stored in the cookie and only if that session is invalid, start a new session?

Thanx
apodictus
  • 1. Re: Session sharing/reuse issues
    Kenny Hanberg Explorer
    Currently Being Moderated
    Hi,

    I'll just try to answer one of your questions..
    apodictus wrote:
    ...
    Similar behaviour problems exists when the user opens a browser and tries to open both applications in each in a tab next to each other.
    Both tabs fetch there own initial session id and start writing it to the same cookie each in turn invalidating the other tab's session.
    These can lead to some fanatic ping pong actions. Thus it's impossible to open 2 applications sharing session in the same browser.

    Is there any remedy for these situations?
    Can apex be as smart as for instance first trying to resume the session stored in the cookie and only if that session is invalid, start a new session?
    The brilliant feature you want to get rid off is session sharing. Not the one you describe, but the one Microsoft implemented in IE7->

    All developers have this kind of problem, so they naturally create a way to turn them off.

    And when using ie you have two command line switches..
    iexplore.exe -noframemerging
    iexplore.exe -nomerge
    http://msdn.microsoft.com/en-us/library/ee330728%28VS.85%29.aspx

    I'm sure that Firefox and Chrome have a simelar set of switches/hidden settings...
    or just use private browsing...

    /kenny
  • 2. Re: Session sharing/reuse issues
    user204068 Newbie
    Currently Being Moderated
    Hi,

    we have the same problem (multiple tabs in a browser) and our users are annoyed.
    We work with IE8 and the use of command-line options has no success.

    Are there other settings?

    Regards,
    Elke

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points