[
https://issues.apache.org/jira/browse/WW-3451?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12870355#action_12870355
]
Christian Wolfgang Stone commented on WW-3451:
----------------------------------------------
Oh I disagree...
First, it will be reused by freemarker often with decorators. It maintains the
state you set in the freemarker view with the decorator, including the
knowledge of struts actions, etc.. Also, Freemarker disallows the use of ".XXX"
notation, so these parameters cannot be accessed from Freemarker views, but the
underlying model can access them. Users won't be able to access or set such
parameters in the session object. So it remains safe. This model supports the
Freemarker method of storing and retaining underlying model states, so it is
also consistent and will likely be easier to migrate to future Freemarker
configurations.
The smell comment is pretty funny. I don't even have a comment for it besides
the humor.
It seems that you have a better solution that requires a careful coding with
regards to Freemarker, the next Freemarker client (which I recommend you
research before you code your changes), and the Struts dispatcher. I would
love to see it! However, implementing a patch that breaks functionality
without also implementing new code that addresses the threatened features is a
very bad idea.
If the only issue you are concerned with is the serialization and
de-serialization accross servers, I recommend looking at the servlet filter and
implementing code that removes the session object at the completion of the
request, or implement a robust request handler that captures the request state
before the dispatcher releases control to the filters so that it can be
reconstructed when the filters pick it up. OR, perhaps overwrite the
serializable functionality of the HttpSessionHashModel with a new object that
leaves a blank object and test for that. This way if the session is
serialized, you have a near zero length object that won't affect performance.
I look forward to seeing the new patch you submit and testing it on my servers.
I take it you are volunteering to implement the work for the changes you
need...
> [FreemarkerManager] don't put ATTR_SESSION_MODEL into session
> ----------------------------------------------------------------
>
> Key: WW-3451
> URL: https://issues.apache.org/jira/browse/WW-3451
> Project: Struts 2
> Issue Type: Bug
> Reporter: zhouyanming
> Priority: Critical
> Attachments: patch.txt
>
>
> put ATTR_SESSION_MODEL into session is useless in current code, and harmful
> for distributed system
> and remove some other useless code,please see patch.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
