Question
I am facing the similar problem like JSF force URL rewriting Want to avoid session sharing across applications
I have two independent application servers deployed on websphere 7 using form based authentication using standard LDAP registry.
faces-config.xml
https://stackoverflow.com/questions/15786044
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian<managed-bean>
<managed-bean-name>Login</managed-bean-name>
<managed-bean-class>
com.abc.ui.mbean.session.LoginMBean
</managed-bean-class>
<managed-bean-scope>session</managed-bean-scope>
</managed-bean>
<managed-bean>
<managed-bean-name>DeviceType</managed-bean-name>
<managed-bean-class>com.abc.nsam.jsfmanager.jsf.mbean.stateful.DeviceTypeMBean</managed-bean-class>
<managed-bean-scope>request</managed-bean-scope>
<managed-property>
<property-name>contextMBean</property-name> "This is of session scope"
<value>#{Context}</value>
</managed-property>
</managed-bean>
when I logged into server1 & do some operations and then open new tab on IE and type URL for server2 it logs me in automatically (as they share same local username) and do some operations and then go back to server1 tab..it throws ViewExpiredException and logs me out and give back login page again. After login when I go back to server2 tab and click any link then it logs me out.
So it looks like the jsessionId is getting over-ridden from 2 different tabs (two different application server instance).
As per the answer for this question: will you recommend me the same - managing scopes properly? but it seems to be request scope in my case and for login its session scope..... Should I go for URL rewritting? (using pretty-faces URL rewritting?) ....plz help ... Thank You.
Solution
I found the solution.
Under websphere itself I can change the cookie name for each application server.
http://www-01.ibm.com/support/docview.wss?uid=swg21225834
By default it uses JSESSIONID which you can rename it as per your application use so that it doesn't override between browser tab access.
