There are a few solutions to your problem: 1- You can serialize your object as a hidden field and deserialize it on each request if you need it. It serves like a baggage that you carry form page to other. In this way, you avoid putting any object in session scope. Some folks may argue that this is not efficient for huge-sized objects, but keep in mind httpsession should not be confused with storage. I already use this solution in a few medium size webapps, works like charm.
2- If the object put in session is sort of object like ,say, the one the holds user credentials, roles, timezones, etc that can be calculated at each request, you may have custom interceptor that does it each time a user submits a request. You may incur just an extra cost of going to databse, to get all the information but with today's hardware speed and software, you should not worry about that. I have also used this solution and it also works like charm. 3- [I have not tried this myself ], If you are using servers like websphere, they provide other ways of session management except cookies and url rewriting like using ssl id for session management. You may want to try it. --- On Sat, 1/17/09, RajibJana <rajibj...@gmail.com> wrote: > From: RajibJana <rajibj...@gmail.com> > Subject: Struts 2 session problem > To: user@struts.apache.org > Received: Saturday, January 17, 2009, 5:23 AM > Hi All, > > I am using struts 2.0.14 to build an enterprise > application. It uses spring, > hibernate, tiles, Dojo 1.2.2. > > Now I have a serious problem. > > My application has lots a pages and each page shows the > logged in userid ( a > string variable). This userid is put into the session map > injected by the > SessionAware interceptor. The injected userid is used in > jsp page > (#session.userid) to show the logged in user info and also > is saved in > database for each business transaction for audit control. > > Now the problem is: > > 1) A User opens a browser window( IE 7/Firfox) and logs in > the application > as User X and the application shows the logged in userid as > X and DB > transactions also get userid info as X. > 2) The same user opens a bowser tab or new window from the > opened window ( > from where he logged in as X), and logs in the application > as User Y. Now > userid Y overrides the userid X in session map( as no new > session is not > opened, I guess) and I get userid as Y in both the browser > tabs. My > application breaks. > 3) If the user opens a new browser instance, then a new > session is created > and both the windows have their own user id info( i.e. > userid doesnt > override) > > I tried the scope interceptor ( by starting a conversion), > but the result is > same( i.e. could not get new session in a window tab). > > I searched for a solution, could not get a solution. Please > suggest how to > get rid of this problem. > > Thanks > > Rajib > > > -- > View this message in context: > http://www.nabble.com/Struts-2-session-problem-tp21513305p21513305.html > Sent from the Struts - User mailing list archive at > Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: > user-h...@struts.apache.org __________________________________________________________________ Ask a question on any topic and get answers from real people. Go to Yahoo! Answers and share what you know at http://ca.answers.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
