We have an application which is built on JSF 2.0(MyFaces) and runs on Weblogic app server. We are facing an issue regarding http Session.

Issue: Suppose I have opened the app in two different IE windows and give some search input in first window. The search result data received in first window is being shared in second window's session.

Note: . The beans are session scoped and javax.faces.STATE_SAVING_METHOD is server. There's no problem of static variable being shared.

Any idea why is this happening, and a solution to prevent this if any ?

Regards, Shaj.

That's because IE keeps the session ID JSESSIONID in a cookie. That cookie exists in the same IE "space". You will realise that if you use IE and Firefox, the session cookie isn't shared.

JSESSIONID is essentially the identifier used for Session Tracking by your web container. If the browser doesn't support cookie, the ID is appended on the URL. In your case, you have JESSIONID stored in a cookie and all your multiple windows can see the same Session cookie.

The behavior exposed is expected. If you need "window" scope, take a look at MyFaces CODI Wiki @WindowScoped. Other alternative is use MyFaces Orchestra and use a different conversation context.

JSESSIONID is a cookie used by servlet spec to diferentiate between sessions, but is shared for all windows of the same browser.

For more detailed information ask on MyFaces Users and Dev Mailing Lists.