0

i have a big deal with user session monitoring. I need to kill session after closing last application tab or after browser closing.

So, this work was performed. I have developed small library for working with local storage and session storage and i developed mechanism for monitoring of opened browser tabs.

Just simple object with tab counter.

{
    "session_instance_count" : 0
}

And simple methods for writing this object to localstorage:

SessionMonitor.prototype.writeValueByKeyToLS = function (key, value){
   var own = this;
   own.getLocalStorageInstance().setItem(key, value);
};

SessionMonitor.prototype.getLocalStorageInstance = function () {
    return 'localStorage' in window && window['localStorage'];
};

But after deploying another application to Tomcat i have found serious troubles with local storage. All stored values from first application were available in second application.

I stored some data on http://localhost:8080/app1 this data will be available on http://localhost:8080/app2

App1 sending request to open App2 with some parameters

Note: I do not have access to modify source code of second application.

This is my question:

How to prevent passing HTML5 local storage data between two or more different applications which were deployed at the same container?

V.Valitsky
  • 1
  • 1
  • 1
    Possible duplicate of [In HTML5, is the localStorage object isolated per page/domain?](http://stackoverflow.com/questions/4201239/in-html5-is-the-localstorage-object-isolated-per-page-domain) – CBroe Aug 05 '16 at 11:08
  • 1
    Unfortunately no. Origin policy is the same. Domain pattern for applications is identical. localStorage.key(0) return same key value for all deployed applications – V.Valitsky Aug 05 '16 at 11:39
  • 1
    Yes, that is the point. If you want “different” localstorages, then use different domains. – CBroe Aug 05 '16 at 12:05

1 Answers1

0

Solution with local storage was removed, because it's not provide possibilities for set data separately between applications inside one container with same domain pattern. I have checked solution with port configuring inside tomcat/conf/server.xml So we can set different ports to all deployed application. Or we can register one more port for applications

    <Connector port="8080" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="8443" />
    <Connector port="8086" protocol="HTTP/1.1"
       connectionTimeout="20000"
       redirectPort="8444" />

http://localhost:8080/app2 with http://localhost:8086/app1

Local storages will be unique. But i can't use this solution, because customer don't want this.

I found one more solution: relation between server side and client side.

Just generating unique window.name and storing it inside server session. I hope, that it will be helpfull for somebody.

V.Valitsky
  • 1
  • 1