Home Projects Jobs Clientele Contact


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


So, I implemented basic session management.
Currently it is implemented as follows:
1. One can call request.getSession().
    if no session exists, or session have expired/been invalidated, new
session is
    created implicitly.
2. One can call request.isRequestedSessionIdValid() to find out if user had
    an expired session
3. Sessions are identified through cookie, which is for now
unconditionally set with no timeout
    (that is, it lives as long as browser in't closed)
4. Session attributes all have to be derived from cserv::CPPServObject
    (see src/test/Servlet2.cpp for an example of how to use
5. All attributes have to be allocated on heap.
6. All attributes are deleted() when session dies.
7. Actual clean-up of session may happen later then it expires. However,
if user requests
    it once it expired, he will still get a new one, and old one will
die eventually.
    There is separate thread runnig, that periodically checks and cleans
up invalid sessions.
8. Currently all sessions are global. i.e. there is no concept of
"Application context".
    However, it would be fairly easy to add that - all we need is to
create multiple ServletContextImpl
    objects and associate them with ServletContainer objects. (Currently
there is one global ServletContextImpl
Hmm... I think I didn't forget anything...

Ilya A. Volynets-Evenbakh
Total Knowledge. CTO

Authoright © Total Knowledge: 2001-2008