[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
Re: UU code
So it means that having DB pool and session_info table the way we have it
implemented now is impossible.
> Actually, the login procedure takes care of user records in session_info.
> It
> always be zero or one record there.
>
> 2007/3/16, Ilya A. Volynets-Evenbakh <ilya@total-knowledge.com>:
>>
>> sergey@total-knowledge.com wrote:
>> > In this case, I guess the solution is:
>> >
>> > In Header.csp
>> >
>> > <% if(request.hasAttribute("UserId")) { %>
>> > <input type="hidden" name="userid" value="<%=
>> > request.getAttribute<std::string>("UserId") %>"
>> > <% } %>
>> >
>> This isn't going to do you any good. You will not always have single
>> form to submit. This info should be kept inside of session.
>> > In UUServlet new operation
>> >
>> > void UUServlet::setEnvironment(HttpServletRequest& req){
>> > string userid = req.getParameter("userid");
>> > if(userid)
>> > req.setAttribute("UserId", setattr_t(new string(userid)));
>> > }
>> >
>> No. User ID should be dealt with at login time, and saved in session.
>> Do not pass it around the network all the time - it's waste of
>> resources.
>> > setEnvironment() can be used for setting other global parameters and
>> will
>> > be called in each servlet service() function.
>> >
>> That might be good idea. Needs more detailed thinking. One thing
>> is that you don't really want to rely on every service function calling
>> this explicitly (you'll forget to call it at some point in time, I can
>> guarantee you that ;-)
>> > <snip getSessionInfo stuff>
>> >
>> You may want to change all that to key the temp login table
>> off of session ID rather then user ID. This way you don't need to
>> save any extra info in session itself.
>>
>> BTW, the alternative path (clearing the temp table after processing
>> every request) is also implementable - if we make our DB connection pool
>> take care of that.
>>
>> >> Guys, don't forget that database connections will be
>> >> pooled. That means there will be different requests
>> >> from _different_ users handled by the same connection.
>> >> This, in turn, means that unless someone takes care
>> >> of cleaning up the table after each request, there could
>> >> be more then one record in there.
>> >>
>> >>
>> >> sergey@total-knowledge.com wrote:
>> >>
>> >>> Understood.
>> >>> Here is my version:
>> >>>
>> >>> bool isValid = false;
>> >>> try {
>> >>> CQuery qrySelect(&db,"select si_person from session_info");
>> >>> qrySelect.open();
>> >>> while ( ! qrySelect.eof() ) {
>> >>> isValid = true;
>> >>> qrySelect.fetch();
>> >>> }
>> >>> qrySelect.close();
>> >>> }
>> >>> catch (exception& e) {
>> >>> cout<<"\nError: " <<e.what();
>> >>> }
>> >>> return isValid;
>> >>>
>> >>>
>> >>> I know it's supposed to be only one record in session_info table,
>> but
>> >>> still prefer to loop since it's a select query.
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>> Actually, the "no record test" is better to do not as:
>> >>>>
>> >>>> if (!user_id)
>> >>>>
>> >>>> but as (right after query_open()):
>> >>>>
>> >>>> if (query.eof())
>> >>>>
>> >>>> 2007/3/15, Alexey Parshin <alexeyp@gmail.com>:
>> >>>>
>> >>>>
>> >>>>> int user_id = 0;
>> >>>>> string user_name;
>> >>>>> try {
>> >>>>> Query query(&db,"select si_person, si_person_name from
>> >>>>> session_info");
>> >>>>> query.open();
>> >>>>> user_id = query[0];
>> >>>>> user_name = query[1];
>> >>>>> query.close ();
>> >>>>> if (!user_id)
>> >>>>> throw CException("User not logged in");
>> >>>>> }
>> >>>>> catch (exception& e) {
>> >>>>> cout << "OOPS, " << e.what() << endl;
>> >>>>> }
>> >>>>>
>> >>>>> 2007/3/15, sergey@total-knowledge.com
>> <sergey@total-knowledge.com>:
>> >>>>>
>> >>>>>
>> >>>>>> In order to perform authentication on each application page I
>> need
>> to
>> >>>>>> find
>> >>>>>> out if user with certain ID exist in session_info table.
>> >>>>>> I want to make sure that I understand how it will work, so the
>> >>>>>>
>> >>>>>>
>> >>>>> question
>> >>>>>
>> >>>>>
>> >>>>>> is:
>> >>>>>>
>> >>>>>> 1. If session_info table exist.
>> >>>>>> AND
>> >>>>>> 2. There is a one entry there (doesn't matter what the value is).
>> >>>>>>
>> >>>>>> it means that current user is logged in.
>> >>>>>>
>> >>>>>> Is it true?
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>> --
>> >>>>> Alexey Parshin,
>> >>>>> http://www.sptk.net
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>> --
>> >>>> Alexey Parshin,
>> >>>> http://www.sptk.net
>> >>>>
>> >>>>
>> >>>>
>> >>>
>> >>>
>> >> --
>> >> Ilya A. Volynets-Evenbakh
>> >> Total Knowledge. CTO
>> >> http://www.total-knowledge.com
>> >>
>> >>
>> >>
>> >
>> >
>> >
>>
>> --
>> Ilya A. Volynets-Evenbakh
>> Total Knowledge. CTO
>> http://www.total-knowledge.com
>>
>>
>
>
> --
> Alexey Parshin,
> http://www.sptk.net
>
- References:
- UU code
- From: sergey@total-knowledge.com
- Re: UU code
- From: "Alexey Parshin" <alexeyp@gmail.com>
- Re: UU code
- From: "Ilya A. Volynets-Evenbakh" <ilya@total-knowledge.com>
- Re: UU code
- From: sergey@total-knowledge.com
- Re: UU code
- From: "Alexey Parshin" <alexeyp@gmail.com>
- Re: UU code
- From: "Alexey Parshin" <alexeyp@gmail.com>
- Re: UU code
- From: sergey@total-knowledge.com
- Re: UU code
- From: "Ilya A. Volynets-Evenbakh" <ilya@total-knowledge.com>
- Re: UU code
- From: sergey@total-knowledge.com
- Re: UU code
- From: "Ilya A. Volynets-Evenbakh" <ilya@total-knowledge.com>
- Re: UU code
- From: "Alexey Parshin" <alexeyp@gmail.com>