简体繁体 English

多个用户在同一浏览器上登录Web应用程序

[英]Multiple users login to web application on same browser

原文 2012-02-17 11:00:30 2 3 java/ jsp/ java-ee/ struts2

我已经开发了1个Web应用程序，但是当多个用户在同一浏览器上登录时，第一个用户的jsp页面会更改为第一个用户的jsp页面。

3 个解决方案

There is no way you can have multiple sessions simultaneously using a unique browser. 使用唯一的浏览器无法同时进行多个会话。 Each time you create a new session, the session cookie which is used to track the current session is replaced by a new one. 每次创建新会话时，用于跟踪当前会话的会话cookie都会被一个新的cookie取代。

That's because your browser doesn't use a new session for each open tab. 那是因为您的浏览器没有为每个打开的标签使用新的会话。 If you are using firefox you can install a special plugin to handle that behaviour for you. 如果您使用的是firefox，则可以安装一个特殊的插件来为您处理该行为。 http://blog.techno-barje.fr/post/2009/12/05/Session-per-tab-in-Firefox/ http://blog.techno-barje.fr/post/2009/12/05/Session-per-tab-in-Firefox/

Explanation on Spring Security FAQ page should answer the behaviour you encountered: Spring Security FAQ页面上的解释应回答您遇到的行为：

Browsers generally maintain a single session per browser instance. 浏览器通常每个浏览器实例维护一个会话。 You cannot have two separate sessions at once. 您不能一次有两个单独的会话。 So if you log in again in another window or tab you are just reauthenticating in the same session. 因此，如果您再次在另一个窗口或选项卡中登录，那么您将在同一会话中重新进行身份验证。 The server doesn't know anything about tabs, windows or browser instances. 服务器对选项卡，窗口或浏览器实例一无所知。 All it sees are HTTP requests and it ties those to a particular session according to the value of the the JSESSIONID cookie that they contain. 它所看到的只是HTTP请求，并根据它们所包含的JSESSIONID cookie的值将它们绑定到特定会话。 When a user authenticates during a session, Spring Security's concurrent session control checks the number of other authenticated sessions that they have. 当用户在会话期间进行身份验证时，Spring Security的并发会话控件会检查他们拥有的其他已身份验证会话的数量。 If they are already authenticated with the same session, then re-authenticating will have no effect. 如果它们已经通过同一会话进行了身份验证，则重新身份验证将无效。