When I log in to the web page I wrote, I register two users respectively, and then log in. I find that they share the session.
How to solve this problem? How to login two or more users to jump to the home page without mutual influence?
Today, we tested Taobao. We can log in to both of them at the same time without affecting each other.
How can multiple users log in without affecting each other?
Cookie is used to realize session unsolvable.
It’s not that there is no solution. We should associate the key of the cookie with the user ID. In this way, the server will traverse a cookie.
You can also save the session on the link or authorization without using cookies.
Take a look at JWT.
In this way, multiple users can log in at the same time, but only one user can use it after closing the browser.
Session is the session object established by the server for each browser. The number has nothing to do with the actual business users, so if the same browser, multi window login or multi-user, it is actually a session
1. Open multiple browsers, or small windows like 360. In fact, there are multiple browser processes that link to the server respectively. However, you should pay attention to session sharing problems that may be caused by cookies.
2. Independent of session, the relevant information is passed through the request. It is common for each user to assign a temporary ID (SID) after logging in. All requests and responses carry this ID. the background is used to distinguish users. In fact, the judgment is moved up to the application level. After the ID is generated, it will be put into the database table to set a certain effective time. Of course, the ID can be put into the session in the form of a list, and then the background will match the user through the session. The principle is the same.
What’s your scenario, please? If multi-user debug, it is normal to open multiple browsers
Session must be shared, no solution
========Here is the original answer========
One for chrome and one for firebox
I haven’t dealt with this problem, but I think it should be that the background generated sessionid did some processing, mainly to facilitate the background processing when loading data, but I always think that there will be problems, so I’d better try not to use a browser for multiple users
This is related to the implementation of browser and the version of HTTP protocol
On the one hand, in the same browser, let’s look at the version of HTTP protocol. At present, the HTTP protocol used by server is 1.1, while version 1.1 supports long connection. The default request header is keep- alive:true In this case, all requests established on the link use the same session, which is obviously not in line with the scenario of user login
On the other hand, from the perspective of browser implementation, many browsers are multithreaded. If the browser has established a connection with the remote server, even if multiple browser windows are opened to access the same URI, session information, such as cookies, will be shared as long as it is through one browser. If I remember correctly, IE6 used to set up session connection for each window separately. If possible, I can try it. However, this method has been abandoned by most browser manufacturers.
As described above, the session maintenance between browser and server can not be maintained by browser, but by business server. We can use the distributed cluster session maintenance scheme for reference, and use the distributed cache method to realize it; or we can use the low method to realize the login of different users through multiple browsers