[OFBiz] Users - HTTP Sessions
Adrian Crum
adrianc at hlmksw.com
Thu Mar 24 11:01:31 EST 2005
Thanks David - that helps!
I considered persisting the attributes in the DB, but then the DB would
get hit a lot.
I've also considered a static class that would hold the bundle of data I
need in a "pool." Each web page would retrieve the bundle of data from
the "pool." Now the problem becomes memory consumption.
lol
*scratches head*
David E. Jones wrote:
>
> That's right, they are separate webapps in the Servlet standard meaning
> of the term. You might want to find a good J2EE general reference book
> that you can browse through as you are playing with things. I
> personally use a number of books like this, very helpful when trying to
> open my mind while solving problems.
>
> If you want something shared there are various options, but consider
> that putting something in the database is sometimes the best way to go,
> or use parameter passing instead of a session variable.
>
> -David
>
>
> On Mar 24, 2005, at 8:23 AM, Adrian Crum wrote:
>
>> Okay, I'm up against this problem again!
>>
>> I have a hunch it's Tomcat that is causing the problem. My educated
>> guess is that Tomcat is keeping a separate session instance for each
>> component (because each component is mounted as a unique webapp maybe?).
>>
>> I need to maintain session attributes (or a single instance) across
>> components.
>>
>> I'm not an expert with containers. If anyone has any advice or
>> insight, please let me know!
>>
>> In the meantime, I will try switching to Jetty and see if the
>> behavior goes away.
>>
>> For those who are interested, here is a demonstration of the problem:
>>
>> In Component 1:
>> session.setAttribute("myAttribute", "One");
>> In Component 2:
>> session.setAttribute("myAttribute", "Two");
>> In Component 3:
>> session.setAttribute("myAttribute", "Three");
>> In Component 1:
>> session.getAttribute("myAttribute"); returns "One"
>> In Component 1:
>> session.setAttribute("myAttribute", "Four");
>> In Component 1:
>> session.getAttribute("myAttribute"); returns "Four"
>> In Component 2:
>> session.getAttribute("myAttribute"); returns "Two"
>> In Component 3:
>> session.getAttribute("myAttribute"); returns "Three"
>>
>>
>>
>>
>> Adrian Crum wrote:
>>
>>> I've tracked down more erratic behavior, but I still don't know what
>>> the cause is.
>>> I patched LoginEvents to explicitly remove the custom session
>>> attribute during logout. It's the very first line in doBasicLogout().
>>> When I log out and back in, the attribute from the previous session
>>> reappears.
>>> I found something that is repeatable: if I log out of the same
>>> application I logged into, the attribute goes away. If I log out in
>>> a different application than the one I logged into, the attribute
>>> remains.
>>> So, somehow session attributes are being saved per application
>>> across sessions.
>>> Adrian Crum wrote:
>>>
>>>> Okay, I see in LoginEvents.java where session.invalidate() is
>>>> called during logout. Problem is, invalidate() isn't working. My
>>>> custom attribute is still bound to the session.
>>>>
>>>>
>>>> Adrian Crum wrote:
>>>>
>>>>> I'm setting a custom attribute that I need to persist across
>>>>> pages. So, the attribute is set with a session.setAttribute() call
>>>>> in a login.bsh script. The attribute persists as desired across
>>>>> all pages.
>>>>>
>>>>> When I log out and log back in, the attribute is set again,
>>>>> however it is given a different value. The new value should appear
>>>>> when I use session.getAttribute() but no, I get the same value as
>>>>> the last login.
>>>>>
>>>>> Maybe I'm not understanding sessions. I thought the session
>>>>> contained a bundle of attributes that pertain to a particular
>>>>> session, and a new bundle is created with each login.
>>>>>
>>>>>
>>>>>
>>>>> David E. Jones wrote:
>>>>>
>>>>>>
>>>>>> Are you sure it is in the session? Which "attribute" are you
>>>>>> looking at?
>>>>>>
>>>>>> -David
>>>>>>
>>>>>>
>>>>>> On Feb 21, 2005, at 4:23 PM, Adrian Crum wrote:
>>>>>>
>>>>>>> Okay, I know it's not my browser. If I log out, then completely
>>>>>>> exit my browser, then log back in, the attribute is still there.
>>>>>>>
>>>>>>>
>>>>>>> Adrian Crum wrote:
>>>>>>>
>>>>>>>> How/when do HTTP sessions expire? Shouldn't logout expire a
>>>>>>>> session, or somehow make it invalid?
>>>>>>>> I'm having a problem where I set a session attribute, logout,
>>>>>>>> then log back in, and the attribute is still there.
>>>>>>>> _______________________________________________
>>>>>>>> Users mailing list
>>>>>>>> Users at lists.ofbiz.org
>>>>>>>> http://lists.ofbiz.org/mailman/listinfo/users
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Users mailing list
>>>>>>> Users at lists.ofbiz.org
>>>>>>> http://lists.ofbiz.org/mailman/listinfo/users
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> -------------------------------------------------------------------
>>>>>> -----
>>>>>>
>>>>>> _______________________________________________
>>>>>> Users mailing list
>>>>>> Users at lists.ofbiz.org
>>>>>> http://lists.ofbiz.org/mailman/listinfo/users
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Users mailing list
>>>>> Users at lists.ofbiz.org
>>>>> http://lists.ofbiz.org/mailman/listinfo/users
>>>>>
>>>>
>>>> _______________________________________________
>>>> Users mailing list
>>>> Users at lists.ofbiz.org
>>>> http://lists.ofbiz.org/mailman/listinfo/users
>>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at lists.ofbiz.org
>>> http://lists.ofbiz.org/mailman/listinfo/users
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.ofbiz.org
>> http://lists.ofbiz.org/mailman/listinfo/users
>
>
> ------------------------------------------------------------------------
>
>
> _______________________________________________
> Users mailing list
> Users at lists.ofbiz.org
> http://lists.ofbiz.org/mailman/listinfo/users
More information about the Users
mailing list