As stated above, when a session is created, the BIS server will include a Session Cookie that uniquely identifies the session with the response. The user agent saves the cookie, and includes the cookie with subsequent requests. The BIS server uses the cookie to associate requests with sessions.
Cookies are shared by all instances of a particular user agent. This makes it difficult for a particular user agent to gain access to more than one session on the server-if multiple browser windows on the same client machine request the same page, each window will send the same cookie, BIS will see the requests as originating in a single window, and will not create additional sessions. Multiple sessions are desirable if the end user wishes to run multiple BIS applications hosted by the same server in separate windows, or the application developer wishes to include multiple applications in a browser window by using HTML <OBJECT> or <IFRAME> tags.
Fortunately, there is a solution: the scope of a particular session cookie can be restricted to particular URL paths on the server. The user agent will only include the session cookie with a request URL that is as specific as, or more specific than the path that was specified when the cookie was stored in the user agent.
IIS and Apache derive the default application root path differently:
The application root path may be changed by using the {{SessionParms}} tag only during the rendering of the session's initial page. The session root directory may be set to:
For example, if the request URL is
http://microfocus.com/xbis/apps/states/texas/default.srf
and the default application root path is
/xbis/apps
then the application root path may be changed to any one of
See The {{SessionParms}} Tag for more information.