To be honest, this is not something I’ve considered to be a problem until I started working on the implementation in jSeamless of it. Servlet Sessions are just fine for the majority of web applications but I began to realize that they are inherently flawed conceptually. The first problem is that multiple tabs in a browser (even multiple windows in Firefox) rely on the same session. If you are trying to replicate functionality like a regular desktop application this is problematic.
Have you ever opened up two instances of Notepad? Did you ever dream that the second instance would be using the same session as the first? Why should this be the case in web applications?
I’ve said this before, but companies push their developers to write web applications that mimic functionality of a desktop application. Why do they do this instead of just deploying applications to their users? Well, there are still a few good reasons for this, but internal applications there’s no other reason than it makes management happy that they can add “web” to everything. Yes, I’m probably shooting myself in the foot proclaiming such things as the majority of jSeamless’ success is because it is so powerful for web applications. This is actually the primary reason I created it. I’d personally much rather be doing application development and with jSeamless now I can.
Back on topic, I realized that determining “session” based on what window was open was practically impossible to do as there is no good way of determining any sort of window or tab id that differentiates it from another. However, by forcing immediate redirects to a generated id in the URL it does allow me to do so. Yes, it’s sort of jumping back in time to pre-cookie days, but it’s really the only way to go. This does have some nice advantages though in jSeamless. First, it allows bookmarking of a “session” and reconnecting to it later and picking up where you left off. Second, it does allow good differentiation from one session to the next. So if you open a new window or tab you can reliably create a new “session” for the web application you’re connecting to. This is implemented now in jSeamless and will be coming out in Beta 4, so we’ll see how well received it is. 🙂