防止选项卡或相同浏览器窗口之间的共享会话 [英] Prevent shared session between tabs or same browser windows

问题描述

我必须修复这个基本的Web应用程序，该应用程序允许查看数据(例如客户数据)并使用Tomcat和Spring框架对其进行编辑.当我尝试同时从不同的浏览器选项卡编辑不同的客户数据时，会发生我的问题.编辑的数据混合在一起.如果我在一个选项卡中打开要编辑的客户A，在另一个选项卡中打开客户B，然后回去编辑客户A并保存，则客户A的最后更改将应用​​于客户B.

I have to fix this basic web application that allows viewing data, say customers data, and editing it using Tomcat and Spring framework. My problem happens when I try editing different customers data from different browser tabs at the same time; the edited data gets mixed. If I open customer A to be edited in one tab, I open customer B in another tab, then I go back editing customer A and save it, this last changes for customer A are applied to customer B.

稍微研究一下此问题，因为客户数据存储在会话中，但是此会话在不同选项卡之间共享.因此，当我在一个选项卡中打开客户A时，此客户存储在会话中，但是当我在另一个选项卡中打开客户B时，最新的就是存储的那个.因此，当我完成对客户A的编辑并提交表单后，所做的更改将应用​​于会话中找到的客户B.

Investigating a bit this problem happens because the customer data is stored in the session, but this session is shared between the different tabs. So when I open customer A in one tab, this customer is stored in the session but when I open customer B in another tab, this latest is the one stored. Thus, when I finish editing customer A and I submit the form, the changes are applied to the customer found in the session, customer B.

我在这里看到针对我的问题的不同解决方案.一种解决方案是阻止用户在多个选项卡中打开我们的应用程序，但是它变得太复杂了，我觉得它很脏.另一种解决方案是简单地对不同的选项卡使用不同的会话，但是我不确定如何实现此目的.在这个论坛上，我发现了另一篇文章，提到了使用Tomcat'cookies = false'的context.xml文件中的设置，但是随后整个应用程序失败了，我不想在不是我的代码中碰到过多的东西.另外，我看到有人提到使用HTML5 SessionStorage，但找不到实现此目的的任何好例子.

I see here different solutions to my problem. One solution would be preventing users from opening our application in multiple tabs, but it gets too complicated and I feel it's dirty. The other solution would be to simply using different sessions for the different tabs, but I am not sure how can I achieve this. Reading this forum I found another post that mentions using setting in the context.xml file of the Tomcat 'cookies=false' but then the whole application fails and I don't want to touch more than necessary in a code that is not mine. Also I see it is mentioned to use HTML5 SessionStorage, but I could not find any good example implementing this.

我认为这必须是一个普遍的问题，选项卡之间的共享会话，并且必须有一个共同的解决方案.在这种情况下，哪种解决方案合适?

I think this must be a common problem, shared session between tabs, and that it must have a common solution. What solution would be suitable in this case?

假设我有以下代码:

@RequestMapping(value = "edit.do", method = RequestMethod.GET)
    public String edit(@RequestParam(value = "id", required = false) Long customerId, Map modelMap) {
    Customer customer = getCustomer(customerId);
    modelMap.put("customer", customer);
    return "customer";
}

@RequestMapping(value = "save.do", method = RequestMethod.POST)
public void save(@ModelAttribute("customer") Customer customer, OutputStream outputStream,
        HttpServletResponse response) throws IOException {
    save(customer);
}

我不确定modelMap.put("customer", customer);是什么，但是我假设是会话中存储客户的位置.我可以在jsp页面中成功添加一个隐藏字段，并通过添加@RequestParam(value = "customerId", required = true) Long customerId,在save方法中从数据库中检索客户，现在我的问题是，我在@ModelAttribute("customer") Customer customer中使用save方法获得的客户是从jsp还是存储在会话中的一个?而且，如果这是存储在会话中的那个，我如何检索在jsp中所做的更改?

I am not sure what does the modelMap.put("customer", customer); but I assume is where the customer is stored in the session. I can successfully add a hidden field in the jsp page and retrieve the Customer from the database in the save method by adding @RequestParam(value = "customerId", required = true) Long customerId, now my question is, the Customer I get in the save method with @ModelAttribute("customer") Customer customer is the customer submitted from the jsp or the one stored in the session? And furthermore, if this is the one stored in the session, how do I retrieve the changed made in the jsp?

推荐答案

为什么要实现此目的?您可能会注意到几乎没有人这样做.并非总是如此，但是通常，这表明您的意图最初是错误的. 对我个人而言，在不同选项卡中进行不同的会话是完全令人困惑的.我宁愿使用隐身模式"或其他浏览器.或考虑一些UI更改.

Why do you want to implement this? As you possible noticed almost no one do that. Not always, but often, this is a sign your intent is initially wrong. For me personally, having different sessions in different tabs is totally confusing. I'd rather use an "Incognito mode" or another browser. Or think about some UI changes.

例如如果需要单独的会话，则以新标签打开"将无法正常工作.

E.g. "Open in new tab" would work not in usual way if required a separate session.

这篇关于防止选项卡或相同浏览器窗口之间的共享会话的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！