Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How does Spring Session support multiple sessions within a single browser?

The Spring Session documentations describes as one of its usage benefits as written below.

Allowing for a single browser to have multiple simultaneous sessions in a transparent fashion. For example, many developers wish to allow a user to authenticate with multiple accounts and switch between them similar to how you can in gmail.

Technically, how does one leverage that benefit, how is it implemented?

like image 389
Newbie Avatar asked Aug 29 '14 02:08

Newbie


People also ask

Can one user have multiple sessions?

From the Start screen, open MultiPoint Manager. Click the Home tab. In the Computer column, click the name of the MultiPoint Server computer, and then, in the right pane, click Edit server settings. Select the Allow one account to have multiple sessions check box, and then click OK.

How does session work in spring?

Overview. Spring Session has the simple goal of free up session management from the limitations of the HTTP session stored in the server. The solution makes it easy to share session data between services in the cloud without being tied to a single container (i.e. Tomcat).

How does Spring Security concurrent session control work?

Concurrent Session Control When a user that is already authenticated tries to authenticate again, the application can deal with that event in one of a few ways. It can either invalidate the active session of the user and authenticate the user again with a new session, or allow both sessions to exist concurrently.


1 Answers

As of Spring Session RC1, Spring Session will keep track of all the Sessions in a single cookie. Using a pattern like this:

0 defaultsession alias sessionid alias2 sessionid2

Then you can select which session you are actively using by ensuring that you have the query parameter of "_s" with the value of the alias. For example, requesting the URL /index?_s=alias2 would use sessionid2. If _s is undefined, then the session alias of 0 is used. This means /index would result in using default session. You can find this documented on CookieHttpSessionStrategy

For a working example, see the users sample.

like image 194
Rob Winch Avatar answered Oct 11 '22 14:10

Rob Winch