堆栈内存溢出
  简体   繁体   English

是否在同一会话中运行多个浏览器实例

[英]Do multiple browser instances run in same session

 原文  2013-10-22 02:07:32       java/ session/ servlets/ cookies

问题描述

I need to consolidate separate browser's sessions in one. 我需要将单独的浏览器会话合并为一个。 Please read me carefully, I know that multiple tabs, or windows coming from the same browser instance will do it automatically. 请仔细阅读我的信息,我知道来自同一浏览器实例的多个选项卡或窗口将自动执行此操作。 However I have separate instances of the same browser which share same president sessions pool. 但是,我有共享同一总裁会话池的同一浏览器的单独实例。 It means if I enforce session cookie persistence option, the task gets resolved automatically. 这意味着如果我强制执行会话cookie持久性选项,任务将自动解决。 However not many App Servers support the option. 但是,没有很多App Server支持该选项。 Some servers like WebSphere provide an option as remember me, however it sets a persistent cookie with limited trust, and as result a user can be prompted for login information. 像WebSphere这样的某些服务器提供了一个选项,让我记住了,但是它设置了具有有限信任的持久性cookie,因此可以提示用户输入登录信息。 So I need some push on thoughts. 所以我需要一些想法。 I can see currently one approach 我现在可以看到一种方法

  1. When user signed from one instance, some persistent cookie gets established keeping some token. 当用户从一个实例签名时,将建立一些持久性cookie,并保留一些令牌。
  2. The token is a key in some singleton map holding session objects 令牌是某些持有会话对象的单例映射中的键
  3. Any servlet code requesting session and not getting it, can check for the cookie and use token to get session from session map 任何请求会话但未获取会话的servlet代码都可以检查cookie并使用令牌从会话映射中获取会话。
  4. Session listener removes session from session map at extirpation 会话侦听器在删除时从会话映射中删除会话

I need you opinion on 我需要你的意见

  1. possible security problem 可能的安全问题
  2. Possible resource leakage 可能的资源泄漏
  3. extension of the solution in cluster Thanks for any thoughts, but please do not try to convince me I do not have use case for that. 集群中解决方案的扩展感谢您的任何想法,但是请不要试图说服我我没有用例。 If you want to know use case, e-mil me privately. 如果您想知道用例,请私下与我联系。

1 个解决方案

解决方案1
 0 已采纳  2013-10-22 02:20:31

  1. If the cookie data is encrypted for the user session using a key on the server and some non repeatable session identifier then you only have to worry about a "man in the middle" which can be mitigated using ssl. 如果使用服务器上的密钥和一些不可重复的会话标识符对用户会话的cookie数据进行加密,那么您只需要担心可以使用ssl缓解的“中间人”。

  2. I do not see this as an issue as you said you have a sliding expiration for your server sessions and your server should reclaim the resources when that expiration is reached. 我不认为这是一个问题,因为您说您的服务器会话有一个到期日,并且服务器应在达到该到期时回收资源。

  3. Unless you are using some backing store to support sticky session persistence your user's session will be lost during a failover. 除非您使用某些后备存储来支持粘性会话持久性,否则您的用户会话将在故障转移期间丢失。

Also, keep in mind that your authentication cookie is only good for the domain at which it was issued. 另外,请记住,您的身份验证cookie仅适用于发出它的域。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 同一会话中多个Sessionscoped Bean实例 - Multiple instances of Sessionscoped Beans in the same session Selenium并行运行多个浏览器实例 - Selenium Run multiple browser instances parallely 如何在同一个程序中运行多个实例以在Eclipse中模拟多个客户端?(Java) - How do you run multiple instances of the same program to simulate multiple clients in eclipse?(Java) 在Spring中运行SAME cron作业的多个实例 - Run multiple instances of the SAME cron job in Spring 硒; 如何运行多个实例并维护不同的会话 - Selenium; How to run multiple instances and maintain different session JPA Eclipselink-多个EntityManagerFactory实例返回相同的会话 - JPA Eclipselink - Multiple EntityManagerFactory instances returning same session 如何在同一会话上运行多个测试(@test) - How to run multiple tests(@test) on same session 是否可以在一台Memcached服务器上运行同一应用程序的多个实例? - Is it possible to run multiple instances of the same application with a single memcached server? Java 可以并行运行同一个套接字的多个实例吗? - Can Java run multiple instances of the same socket in parallel? JxBrowser - 如何在多个组件中获取相同的浏览器 session - JxBrowser - How obtain same browser session in multiple components
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM