Grzegorz Kossakowski wrote: > Reinhard Poetz pisze: > >> After have been using the servlet-service framework for about 1/2 a >> year, I have to say that I haven't been missing the access to sessions >> because a child-request shouldn't affect a parent request. Whatever it >> has to return to its parent, should be part of the response IMO instead >> of being passed around indirectly. >> > > I have exactly the same feelings as Reinhard on this. If you want to pass > something to child request > use request parameters for simple values or POST request (using postable > source) for passing more > complicated structures. The same goes for passing data from sub-request to > parent one. > > Basic goal behind such design is to really, really avoid any possibility of > side-effects
Using sessions for passing information should be considered evil (I'm still being decontaminated and exorcised...). But what about data which is really relevant e.g. login data. Should it really passed every time? What if someone logs out? If te session is invalidated you're finished. With request still having login data you can't be sure you have left session completely. Florian
