[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: UU code

To: uu@total-knowledge.com
Subject: Re: UU code
From: "Alexey Parshin" <alexeyp@gmail.com>
Date: Fri, 16 Mar 2007 06:43:36 +1100
Delivered-to: mailing list uu@total-knowledge.com
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=hJZBQhcpzTONLmGCUYPqfr3OqQmO5FjaaAheGg/y9B2fgruft9llZlpKnmfcSU+LBmoLA5RcAoQ6nD+I8mmXwFl3wunGRslCyZ4rZnXi70EvBbzD+QRLPfPrzxykEmvKDISW+0jpT/ldrxxknq9DI5kWb/pop3yhwVJ9d+010g0=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=b3AU9Oh2RwC0AVdQFFz6YPPLomcR5woOpRJdjyUcuBJmbmRD3XoFv7dbJCtMEUAxCq3vMoQiIoaa418Hm12HHq8PZS29T4+U/i5uIoR/1r19TnkPS1xIkpmX61m5O37iuUQd/IU4bLgckgaOevZeXq3iE6ZON6nMNZN7AG7XC04=
In-reply-to: <45F99C6C.8040508@total-knowledge.com>
Mailing-list: contact uu-help@total-knowledge.com; run by ezmlm
References: <48387.76.83.147.118.1172732440.squirrel@webmail.total-knowledge.com> <a75bc3cf0703132357n67afded9y94c3c5cb86ab5c33@mail.gmail.com> <45F79DFE.8060808@total-knowledge.com> <45336.76.83.147.118.1173936696.squirrel@webmail.total-knowledge.com> <a75bc3cf0703150134u59a01f75s70c958156d3d6f56@mail.gmail.com> <a75bc3cf0703150136i4e3c8ea8h28a1273e0f03a4b9@mail.gmail.com> <48159.76.83.147.118.1173963778.squirrel@webmail.total-knowledge.com> <45F97359.7070308@total-knowledge.com> <49492.76.83.147.118.1173984683.squirrel@webmail.total-knowledge.com> <45F99C6C.8040508@total-knowledge.com>

Actually, the login procedure takes care of user records in session_info. It always be zero or one record there.

2007/3/16, Ilya A. Volynets-Evenbakh < ilya@total-knowledge.com>:

sergey@total-knowledge.com wrote:
> In this case, I guess the solution is:
>
> In Header.csp
>
> <% if(request.hasAttribute("UserId")) { %>
> <input type="hidden" name="userid" value="<%=
> request.getAttribute<std::string>("UserId") %>"
> <% } %>
>
This isn't going to do you any good. You will not always have single
form to submit. This info should be kept inside of session.
> In UUServlet new operation
>
> void UUServlet::setEnvironment(HttpServletRequest& req){
> string userid = req.getParameter("userid");
> if(userid)
>   req.setAttribute("UserId", setattr_t(new string(userid)));
> }
>
No. User ID should be dealt with at login time, and saved in session.
Do not pass it around the network all the time - it's waste of resources.
> setEnvironment() can be used for setting other global parameters and will
> be called in each servlet service() function.
>
That might be good idea. Needs more detailed thinking. One thing
is that you don't really want to rely on every service function calling
this explicitly (you'll forget to call it at some point in time, I can
guarantee you that ;-)
> <snip getSessionInfo stuff>
>
You may want to change all that to key the temp login table
off of session ID rather then user ID. This way you don't need to
save any extra info in session itself.

BTW, the alternative path (clearing the temp table after processing
every request) is also implementable - if we make our DB connection pool
take care of that.

>> Guys, don't forget that database connections will be
>> pooled. That means there will be different requests
>> from _different_ users handled by the same connection.
>> This, in turn, means that unless someone takes care
>> of cleaning up the table after each request, there could
>> be more then one record in there.
>>
>>
>> sergey@total-knowledge.com wrote:
>>
>>> Understood.
>>> Here is my version:
>>>
>>>   bool isValid = false;
>>>   try {
>>>     CQuery qrySelect(&db,"select si_person from session_info");
>>>     qrySelect.open();
>>>     while ( ! qrySelect.eof() ) {
>>>       isValid = true;
>>>       qrySelect.fetch();
>>>     }
>>>     qrySelect.close();
>>>   }
>>>   catch (exception& e) {
>>>     cout<<"\nError: " <<e.what();
>>>   }
>>>   return isValid;
>>>
>>>
>>> I know it's supposed to be only one record in session_info table, but
>>> still prefer to loop since it's a select query.
>>>
>>>
>>>
>>>
>>>
>>>> Actually, the "no record test" is better to do not as:
>>>>
>>>> if (!user_id)
>>>>
>>>> but as (right after query_open()):
>>>>
>>>> if (query.eof())
>>>>
>>>> 2007/3/15, Alexey Parshin < alexeyp@gmail.com>:
>>>>
>>>>
>>>>> int user_id = 0;
>>>>> string user_name;
>>>>> try {
>>>>>    Query query(&db,"select si_person, si_person_name from
>>>>> session_info");
>>>>>    query.open();
>>>>>    user_id = query[0];
>>>>>    user_name = query[1];
>>>>>    query.close ();
>>>>>    if (!user_id)
>>>>>       throw CException("User not logged in");
>>>>> }
>>>>> catch (exception& e) {
>>>>>    cout << "OOPS, " << e.what() << endl;
>>>>> }
>>>>>
>>>>> 2007/3/15, sergey@total-knowledge.com < sergey@total-knowledge.com>:
>>>>>
>>>>>
>>>>>> In order to perform authentication on each application page I need to
>>>>>> find
>>>>>> out if user with certain ID exist in session_info table.
>>>>>> I want to make sure that I understand how it will work, so the
>>>>>>
>>>>>>
>>>>> question
>>>>>
>>>>>
>>>>>> is:
>>>>>>
>>>>>> 1. If session_info table exist.
>>>>>> AND
>>>>>> 2. There is a one entry there (doesn't matter what the value is).
>>>>>>
>>>>>> it means that current user is logged in.
>>>>>>
>>>>>> Is it true?
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>> --
>>>>> Alexey Parshin,
>>>>> http://www.sptk.net
>>>>>
>>>>>
>>>>>
>>>> --
>>>> Alexey Parshin,
>>>> http://www.sptk.net
>>>>
>>>>
>>>>
>>>
>>>
>> --
>> Ilya A. Volynets-Evenbakh
>> Total Knowledge. CTO
>> http://www.total-knowledge.com
>>
>>
>>
>
>
>

--
Ilya A. Volynets-Evenbakh
Total Knowledge. CTO
http://www.total-knowledge.com

--
Alexey Parshin,
http://www.sptk.net

Follow-Ups:
- Re: UU code
  - From: sergey@total-knowledge.com
- Re: UU code
  - From: "Ilya A. Volynets-Evenbakh" <ilya@total-knowledge.com>

References:
- UU code
  - From: sergey@total-knowledge.com
- Re: UU code
  - From: "Alexey Parshin" <alexeyp@gmail.com>
- Re: UU code
  - From: "Ilya A. Volynets-Evenbakh" <ilya@total-knowledge.com>
- Re: UU code
  - From: sergey@total-knowledge.com
- Re: UU code
  - From: "Alexey Parshin" <alexeyp@gmail.com>
- Re: UU code
  - From: "Alexey Parshin" <alexeyp@gmail.com>
- Re: UU code
  - From: sergey@total-knowledge.com
- Re: UU code
  - From: "Ilya A. Volynets-Evenbakh" <ilya@total-knowledge.com>
- Re: UU code
  - From: sergey@total-knowledge.com
- Re: UU code
  - From: "Ilya A. Volynets-Evenbakh" <ilya@total-knowledge.com>

Prev by Date: Re: UU code
Next by Date: Re: UU code
Previous by thread: Re: UU code
Next by thread: Re: UU code
Index(es):
- Date
- Thread

UniverseUniversity

uu

Re: UU code