The above article I got from net is giving an alternate solution. But it is not a brilliant solution. Just old wine in a brand new bottle.
Sessions are good in normal websites for keeping track of logged in status. But in an intranet application (for e.g. a project manager plus knowledgebase tool which is used in my company), use of session is not a good method. Suppose one set of issues is posted to me. I will typein the answers to it issue by issue in half an hour. After that when submit reply, it will go to default page saying that session is expired. Unfortunately, the above application is preventing pages from going into cache. So when I press backbutton, I get a page with nothing typed in the reply field. This means all I have typed in half an hour is lost.
Here is another method. I am defining a JS
variable in a small frame at the top. When its value is true, normal operations will continue in the bottom big frame. Otherwise, it will go to login page. I will set the value at the time of login.
But when people open links in new windows, this fails.
I agree with you Vijay that such settings are rare. But my project manager in London says that browsers in corporates will generally prevent session for (unnecessary) fear of losing privacy.
Session is the best available way to maintain state. But ...