This discussion is archived
1 2 Previous Next 15 Replies Latest reply: Oct 24, 2013 9:13 AM by CaioAndreatta RSS

APEX Security: Multiple session cookies in one browser

S-Max Newbie
Currently Being Moderated
Hi all,

I use mozilla firefox as web browser. When I open a new tab and enter the APEX application url I will be redirected to the login page. After successfully login I receive the session id and the browser the session cookie WWV_CUSTOM-F....

When I now open the next browser tab and enter the APEX application url I will be redirected to the login page. After successfully login I receive the new session id and the browser the session cookie WWV_CUSTOM-F... with new content. My session from the first browser tab will be killed, because the session cookie for this session was deleted/replaced by the session cookie from the second tab.

Is it possible to have multiple APEX sessions opened in one browser in multiple tabs?

Regards
  • 1. Re: APEX Security: Multiple session cookies in one browser
    Scott Oracle ACE Director
    Currently Being Moderated
    Yes - but there's a catch.

    You'll have to refer to the server as a different name for each session.

    So, right off the bat, you should be able to have Tab 1 open to servername.com and Tab 2 open to 1.2.3.4 (server's IP address). APEX will keep those two sessions isolated, as the cookie names will be different.

    If you need more than two, then you can edit your local hosts file and create as many aliases as you like. For instance, I have an alias "vm" that is mapped to the IP of my virtual machine; thus, I can access it by typing in just "vm" into the URL.

    Thanks,

    - Scott -

    http://spendolini.blogspot.com
    http://www.sumneva.com
  • 2. Re: APEX Security: Multiple session cookies in one browser
    S-Max Newbie
    Currently Being Moderated
    Thank you, Scott!
  • 3. Re: APEX Security: Multiple session cookies in one browser
    its_working Newbie
    Currently Being Moderated
    Apex 4.0.x.x.x was working ok with multiple tabs, after upgrade to 4.1.0.00.32 it's not. Could dev team bring it back?
  • 4. Re: APEX Security: Multiple session cookies in one browser
    jkallman Employee ACE
    Currently Being Moderated
    Dear "its_working",

    +>> Apex 4.0.x.x.x was working ok with multiple tabs, after upgrade to 4.1.0.00.32 it's not.+

    Can you please explain what you may by "was working okay with multiple tabs", and "it's not". How does one reproduce the issue you're citing?

    Thanks.

    Joel
  • 5. Re: APEX Security: Multiple session cookies in one browser
    andres3 Newbie
    Currently Being Moderated
    Hi

    This is an old story ...

    To define several hosts - this is not the solution today.
    Is this problem solved ? Is it possible to manage several sessions in one browser ?

    For our clients - it is very important to have open many windows: for different clients, for different products, for different bills, ...
    All these windows must have different apex session ID-s (as there are different clients, there are different products).

    We still used Apex 3 (in old version this is OK). Now we are moving to 4.1 (problem starts here).
    But - this is a serious problem - we have to solve before.

    What is the workground TODAY ?

    Best
    Andres L.
    Estonia

    Edited by: andres3 on Jan 5, 2013 12:17 AM
  • 6. Re: APEX Security: Multiple session cookies in one browser
    GianluigiTrento Newbie
    Currently Being Moderated
    Hi Andres,
    have you found a workaround?
    This is a big problem for us, too.

    I think that Oracle developers do not understand that this is a problem for the use of Apex.
    It 's normal that a user open 2, 3, 4, ... times the same program. With Apex > 4.0 this is not longer possible.
    The customer gets angry and does not want more Apex, Oracle Database, etc. ..
    He wants software that allows him to work.

    If you are using Apex 3.2 see our tool to use Apex as RIA http://www.betasoftware.it/blog/2011/09/apex-come-applicazione-desktop-apex-as-desktop-application/.
    For Apex 4.1 problem see http://www.betasoftware.it/blog/2011/10/bsapex-e-apex-4-1-bsapex-and-apex-4-1/ .

    Regards,
    Gianluigi
  • 7. Re: APEX Security: Multiple session cookies in one browser
    Martijnke Explorer
    Currently Being Moderated
    Hi all,


    we too are facing the same problem
    any workarounds ?
  • 8. Re: APEX Security: Multiple session cookies in one browser
    wbfergus-1 Newbie
    Currently Being Moderated
    One way would be in the authentication section, to specify some sort of unique identifier as part of the cookie name.

    An easier alternative that I use, is I simply have IE, Firefox and Chrome installed, so each browser gets it's own cookie. It also helps me to see the differences with each browser, so making adjustments before I make an application 'production' is easier before the users start to complain.

    Bill Ferguson
  • 9. Re: APEX Security: Multiple session cookies in one browser
    Kenny Hanberg Explorer
    Currently Being Moderated
    Hi all,

    The brilliant feature you want to get rid off is session sharing.
    All developers have this kind of problem, so they naturally create a way to turn them off.

    And when using ie you have two command line switches..
    iexplore.exe -noframemerging
    iexplore.exe -nomerge
    http://msdn.microsoft.com/en-us/library/ee330728%28VS.85%29.aspx

    I'm sure that Firefox and Chrome have a simelar set of switches/hidden settings...
    or just use private browsing...

    /kenny

    Edited by: Kenny Hanberg on Jan 24, 2013 10:01 AM
  • 10. Re: APEX Security: Multiple session cookies in one browser
    andres3 Newbie
    Currently Being Moderated
    Hi friends

    We have solved this problem.

    We can work with different apex sessions in one browser (many tabs, many windows, many sessions). It is possible now. We have many different solutions.

    1) rewrite request headers in Oracle listener (we wrote a program changing session string in header)

    2) change cookies (active window assigns the right cookie for host - corresponding the session in URI) in browser.

    To do this is not technically very easy - but it is possible using ajax. It works.


    NB! I hope that Apex team is changing a mind - and removing this big restriction. We hope to discuss this problem with Apex team at ODTUG Kscope 13.

    For us was only two ways - we must use many sessions in Apex or not to use Apex at all. Many sessions was a business requirement.

    Best
    Andres
  • 11. Re: APEX Security: Multiple session cookies in one browser
    GianluigiTrento Newbie
    Currently Being Moderated
    Hi all,
    we have also solved this problem.
    Our tool bsApex now works with Apex 4.1 and 4.2, no more session problems.
    See http://www.betasoftware.it/blog/2013/03/bsapex-2-0/ and try it.

    Bye,

    Gianluigi
  • 12. Re: APEX Security: Multiple session cookies in one browser
    PPlatt Explorer
    Currently Being Moderated
    Could you please give us some more information on how to set it up and install it please. I can't read Italian unfortunately.
    All we get in the readme file is:

    bsApex v. 2.0
    =====================================
    http://www.betasoftware.it/blog/code
    Copyright (c) 2013, Beta Software snc
    =====================================
    For configuration see bsApex.exe.config
    "Microsoft .NET Framework 4 Client Profile" is required.
    Thanks to Mrojas for Extended WebBrowser class
    http://blogs.artinsoft.net/Mrojas/archive/2008/09/18/Extended-WebBrowser-Control-SeriesNewWindow2-Events-in-the-C-WebBrowserControl.aspx


    regards
    PaulP
  • 13. Re: APEX Security: Multiple session cookies in one browser
    GianluigiTrento Newbie
    Currently Being Moderated
    Hi PaulP,
    it's simple.
    Unzip bsApex2 http://www.betasoftware.it/codice/bsApex2.zip
    If not installed, install Microsoft .NET Framework 4 Client Profile.
    Configure bsApex.exe.config
    <?xml version="1.0" encoding="utf-8" ?>
    <configuration>
      <appSettings>
        <!-- Application Title -->
        <add key="aTitolo" value="Apex Desktop by Beta Software snc" />
        <!-- Short application title -->
        <add key="aTitoloBreve" value="Apex Desktop" />
        <!-- Window height -->    
        <add key="aAltezza" value="960" />
        <!-- Window width-->
        <add key="aLarghezza" value="1200" />
        <!-- Close botton text -->
        <add key="aChiudi" value="Close" />
        <!-- Print botton text -->
        <add key="aStampa" value="Print" />
        <!-- Application icon-->
        <add key="aIcona" value="bsApex.ico" />
        <!-- Client -->
        <add key="aCliente" value="Apex Community" />
        <!-- Application address -->
        <add key="aIndirizzo" value="http://apex.oracle.com/pls/otn/f?p=23873:1" />
      </appSettings>
    </configuration>
    Run bsApex.exe, that's all.

    Regards,
    Gianluigi
  • 14. Re: APEX Security: Multiple session cookies in one browser
    Evandro Newbie
    Currently Being Moderated

    Hi 31818, can you explain detailed this workaround with cookie?

1 2 Previous Next

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points