Skip to Content

Determining Unique Ids for Server Side Cookies

A few days ago Claudia asked about session-ids and server side cookies. Later via some personal emails the problem really became clear (hmmm, she did not say anything about chocolates!).

Let me phrase the way I understand it: we have a BSP application, it is stateless, it stores its information in a server side cookie. In addition, each time a new window is opened for this application, either via File->newWindow or window.open() a new state must be stored. Which means that the windows run separately!

Below I have build a small example of a counter stored as serverside cookie. Each time the button is pressed, the counter gets incremented. It is possible to have any number of open windows.

The source code is below, and its running is left as homework.

Let me give some comments:

(*) For each window, we need an unique identifier as key for the serverside cookie. We can not really use the session-id, as this will not stay stable for stateless applications. So we just generate a guid each time that we require a new id.

(*) As we have separate windows in the same browser instance, we can not set any client side cookies to store this key. Each window will have the same application path, and as such the cookies will overwrite one another.

(*) So what we do, is that we just use one hidden input field to store the key (we call it window_id in program). Each time the form for a specific window is submitted, we get the window_if by just calling get_form_field.

(*) How to determine the very first window, or a new window? Simple it is those requests that arrive at the server without any window_id. So when we start a new window, we must ensure that the window_id is not part of the start sequence.

(*) Starting the window via window.open() we just supply the URL of application, without any URL parameters (form fields). New incoming request will be detected as new window, and a window_id will be computed.

(*) When we press file->newWindow (control-N) things are slightly more complicated. What is done is that the window URL is used to start the new window. Now as we store the window_id as form-field it will be part of the URL in the top of browser. So control-N will start new window with the guid of the old window. To prevent this, we use a simple trick. On the first request for a window, we first render out a <frameset> that has the URL without any window_id. Inside the frameset, the frame is loaded with the usual window_id in URL. Now once we request a new window, the URL of the frameset is used (which contains no window_id), and therefor the new window gets a new ID.

(*) When storing the server side cookie, we ignore the session-id. The window_id calculated is used as cookie name for the same user.

++bcm

<%@page language="abap"%>
<%
   DATA: guid      TYPE guid_22,
         window_id TYPE string.
   window_id = request->get_form_field( 'window_id ').
   IF window_id IS INITIAL.
     CALL FUNCTION 'GUID_CREATE' 
       IMPORTING ev_guid_22 = guid.
     window_id = guid.
%>
    <html><frameset>
      <frame src="?window_id=<%=window_id%>">
    </frameset></html>
<%
     RETURN.
   ENDIF.
%>

<%
   DATA: page_data TYPE xstring,
         counter   TYPE string VALUE '0'.
   CL_BSP_SERVER_SIDE_COOKIE=>GET_SERVER_COOKIE(
     EXPORTING
       NAME                  = window_id
       APPLICATION_NAME      = RUNTIME->APPLICATION_NAME
       APPLICATION_NAMESPACE = RUNTIME->APPLICATION_NAMESPACE
       USERNAME              = sy-uname
       SESSION_ID            = 'irrelevant - stateless'
       DATA_NAME             = 'page_data'
     CHANGING
       DATA_VALUE            = page_data ).
   IF page_data IS NOT INITIAL.
     IMPORT counter = counter FROM DATA BUFFER page_data.
   ENDIF.
   counter = counter + 1.
%>

<html><body><form method="GET">
  <input type="hidden" name="window_id" value="<%=window_id%>">
  <input type="submit" value="<%=counter%>">
  <input type="submit" value="window.open()"
         onclick="window.open('?');return false;">
</form></body></html>

<%
   EXPORT counter from counter TO DATA BUFFER page_data.
   CL_BSP_SERVER_SIDE_COOKIE=>SET_SERVER_COOKIE(
     EXPORTING
       NAME                  = window_id
       APPLICATION_NAME      = RUNTIME->APPLICATION_NAME
       APPLICATION_NAMESPACE = RUNTIME->APPLICATION_NAMESPACE
       USERNAME              = sy-uname
       SESSION_ID            = 'irrelevant - stateless'
       DATA_NAME             = 'page_data'
       DATA_VALUE            = page_data
       EXPIRY_TIME_REL       = 3600 ).
%>

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

1 Answer

  • avatar image
    Former Member
    Jun 21, 2004 at 07:48 AM

    Hi Brian,

    thank you very much for the solution!!!

    Chocolate is in work... :o))

    Cheers, Claudia

    Add comment
    10|10000 characters needed characters exceeded