|Problems? Is your data what you think it is?|
New Session for new Window (or: Session ID vs. Process ID...)by shushu (Scribe)
|on Feb 26, 2003 at 06:54 UTC||Need Help??|
shushu has asked for the
wisdom of the Perl Monks concerning the following question:
I have a WEB application that works with Apache::ASP and Sessions, in which every time a user open a window the data in it is kept in a Session.
I need to support a way in which the same user can open more then one Session from the same machine.
Currently, when the user open two IE processes the application works great, since each process has its own Session.
Unfortunately, when the user open a new window using CTRL-N or use "open a new window", it seems as though the same Session is used.
Some will tell me, "Well, this is very important feature". Yes, I know. You don't want a user to "forget" his login, or anything, between windows. This is why this behavior is the default, and it is fine.
The question is - how can I work differently, meaning - every window, even opened by the same process, will have its own Session.
It seems at first that using $Session->Abandon() will do the trick. Unfortunately, it does not.
First of all, the abandon will actually take place only in the next query of the server. The code below will show you:
Instead of seeing two different Session IDs, before and after, I got the same Session ID. I believe that this is not for the reason it seems - that the Abandon is done before the execution, or something else. I believe this is because the Session object does not change in the server, and all the Abandon does is sending a new Session ID in the next request.
Second, it seems that even an abandoned session will be the same session for all of the windows opened by the same process. To see that I wrote an example, in which one button open a new window, and another button shows the document.cookie, and did the following scenario:
The bottom line - if this is the only behavior a Session can have, why bother to call it a Session ID? This is actually a Process ID!
Therefore I am almost certain there IS a way to differ between sessions in the same process. Only question is - how.