6 Replies Latest reply on Nov 22, 2011 9:45 AM by Jean-Frederic Clere

    New session id is not getting generated after logout in Jboss.

    Srinivasa Rao Ammina Newbie

      We are using jboss-4.0.3SP1 application server and deployed our web application developed using java technology. Here issue we are facing is

      same session id being shared by same/different users on successive login and logouts in a same browser window.

       

      Means I log in to the system with one user and I navigated in the application and I logged out. After that If I login with the same/different user in the same browser window we are getting the same sessionid instead different session id, since user successfully logged out and relogin to the application.

       

       

      We are using the below code to invalidate the session

       

      1. session.invalidate();

       

      After in validating the session if we print the value of the session by using the below line of code it is showing the old session id.

       

      2. System.out.println("LOGOUT - Session Is invalidated.." + session.getId());

       

      We used the next lines as

       

      3. session = request.getSession(true);

       

      4. System.out.println("LOGOUT - New Session Is after invalidated.." + request.getSession().getId());

       

      We have used point 3 to get a new session but if we print the session id from that session it is showing the old session only.

       

      Note: If we close the browser and reopen a new window and proceed then only new session is creating.

       

      Could you please help us in resolving this issue.