[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tomcat-user
Subject:    Re: Multiple concurrent sessions
From:       Christopher Schultz <chris () christopherschultz ! net>
Date:       2023-05-25 19:03:59
Message-ID: 4f367381-cf80-3dc5-5ee3-2fdfba9d3c2d () christopherschultz ! net
[Download RAW message or body]

Stephane,

On 5/25/23 12:44, Stephane Passignat wrote:
> Hello,
> 
> I would like to open multiple concurrent session in a web-application 
> for one user. As far as I understand, the sessionid is stored in the 
> cookie and the cookie is associated to the server (http://localhost:8080/).
> 
> So if I open a new browser window with the URL, I reach the same page 
> than the one in the first window, no authentication, ... I can trick 
> that using a private browse, but it's not convenient.

The above is accurate.

> Are there any way to have this multiple session per user ? I read a bit 
> session-config and tracking mode. Is it the right direction ?

You have three choices:

1. Use a different browser (e.g. Firefox plus Google Chrome)
2. Use a private browsing window within the same browser
3. Disable cookie-based session tracking on the server and use URL-rewriting

Note that #3 affects all users and not just you.

-chris

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

[prev in list] [next in list] [prev in thread] [next in thread]