1 Reply Latest reply on Jul 22, 2008 8:02 AM by Nicklas Karlsson

    starting a new session in Seam app

    System Administrator Expert
      so in chapter 17 of bauer & king, I noticed there is a Seam.invalidateSession() method available.

      How can a user start a new session when using a Seam app?  is it possible to have more than one simultaneous sessions going for the same user?

      It sounds like, according to ch. 17, that when the user launches a new browser window (or tab?), Seam or other web frameworks will use the same HTTPSession for that user/app.

      is this always true?  how does the app/framework know it's the same user if there's no authentication in the app?
        • 1. Re: starting a new session in Seam app
          Nicklas Karlsson Master

          A session is a contract (session id) between the http client (browser, usually) and server that is transported through a parameter or header etc and a new session is usually created (for a stateful app) if one is not present.

          The same session is usually used for a single browser (or in IE case, browsers spawned from same parent process)

          The conversation id acts as an additional sub-session-id to keep track of different paths within a session. The user authentication is usually tied to a single session.

          So no, if you are logged in someone can sneak up on you, hit you unconscious and continue typing in your browser (or spawn a new tab etc) and seam won't know the difference ;-)