To: user@struts.apache.org
Sent: Mon, 19 Jan 2009 3:39 pm
Subject: Re: Struts 2 session problem
Yes, SEAM does:
http://www.seamframework.org/Documentation/DoesSeamSupportMultipleBrowserWindowsOrTabs
I haven't dug into exactly how they do it but I would not be surprised if
they pass
Agree, some applications need same conversation across windows/tabs, some
other application needs different conversations in seperate windows/tabs,
typical example will be online booking/trading system.
The server framework should support both models.
Thanks
Rajib
DNewfield wrote:
Good luck with SEAM.
RajibJana wrote:
I strongly feel that this should be a feature of S2, it will ease the
developers work. With due respect to S2, I can say that SEAM provides few
more relevant features that are required for todays enterprise
applications.
Thanks
Rajib
dusty wrote:
Good luck with SEAM.
And good luck to us incorporating some of its features--SEAM has a lot
going for it.
Dave
-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail:
It seems to me SEAM has answer to my problem. Check out their booking example
if anyone is interested.
Thanks
Rajib
RajibJana wrote:
The issue that you may lose track of that state for a user if another
user hijacks the session is not a use case for a feature but a description
of a
I think you can get the unique handle to either a tab or new window
created with Ctrl-N via the DOM. I remember trying this back when tabs came
onto the scene. With that key you could use a Map in session to correlate
the conversations.
Peace,
Scott
On Sun, Jan 18, 2009 at 11:32 PM, dusty
dusty wrote:
Creating a separate subsystem on the server to partition a single HTTP
session for multiple users and maintain the conversation is classic
overengineering. Seems like Seam has gone to a lot of trouble to provide
just another way to persist state.
It's not over-engineering to
+1
I find I need this all the time when developing; I want to login as 2
different users and test multi-user interactions. Currently I'm forced to
use 2 different browsers, login once with Firefox and once with IE.
This works for development but wouldn't be an acceptable answer for users
Lindholm [mailto:glindh...@yahoo.com]
Sent: January 19, 2009 2:19 PM
To: user@struts.apache.org
Subject: Re: Struts 2 session problem
+1
I find I need this all the time when developing; I want to login as 2
different users and test multi-user interactions. Currently I'm forced to
use 2 different
-
From: Greg Lindholm [mailto:glindh...@yahoo.com]
Sent: January 19, 2009 2:19 PM
To: user@struts.apache.org
Subject: Re: Struts 2 session problem
+1
I find I need this all the time when developing; I want to login as 2
different users and test multi-user interactions. Currently I'm forced
...@yahoo.com]
Sent: January 19, 2009 2:19 PM
To: user@struts.apache.org
Subject: Re: Struts 2 session problem
+1
I find I need this all the time when developing; I want to login as 2
different users and test multi-user interactions. Currently I'm forced
to
use 2 different browsers
To: user@struts.apache.org
Subject: Re: Struts 2 session problem
+1
I find I need this all the time when developing; I want to login as 2
different users and test multi-user interactions. Currently I'm forced
to
use 2 different browsers, login once with Firefox and once with IE
based on keys. At
the end of the day a servlet container creates a single session for a single
workstation.
Date: Mon, 19 Jan 2009 12:39:30 -0800
From: glindh...@yahoo.com
To: user@struts.apache.org
Subject: Re: Struts 2 session problem
Yes, SEAM does:
http://www.seamframework.org
@struts.apache.org
Subject: RE: Struts 2 session problem
Date: Mon, 19 Jan 2009 17:07:13 -0600
I agree with ya. I have been doing something very similar with hidden fields
in my app for some time. The server knows if a new browser instance is
requested by checking the hidden field. If its
revolutionary indeed.
RajibJana wrote:
The issue that you may lose track of that state for a user if another
user hijacks the session is not a use case for a feature but a description
of a bug
--The issue is windows tabs overwrite each others data that are put into
the session
: glindh...@yahoo.com
To: user@struts.apache.org
Subject: Re: Struts 2 session problem
Yes, SEAM does:
http://www.seamframework.org/Documentation/DoesSeamSupportMultipleBrowserWindowsOrTabs
I haven't dug into exactly how they do it but I would not be surprised if
they pass around
On Tuesday 20 January 2009 00:01:22 RajibJana wrote:
Can I expect this feature in future version of S2? It will help the S2
developers immensely, I bet.
Thanks
Patches are always welcome!
-Wes
--
Wes Wannemacher
Author - Struts 2 In Practice
Includes coverage of Struts 2.1, Spring, JPA,
andrh...@hotmail.com wrote
I agree with ya. I have been doing something very similar with
hidden fields in my app for some time.
If every request in your app is a POST, or if every link in your app is
javascript that causes a POST, that's fine. I like using actual links,
though, which
I strongly feel that this should be a feature of S2, it will ease the
developers work. With due respect to S2, I can say that SEAM provides few
more relevant features that are required for todays enterprise applications.
Thanks
Rajib
Wes Wannemacher wrote:
On Tuesday 20 January 2009
I strongly feel that this should be a feature of S2, it will ease the
developers work. With due respect to S2, I can say that SEAM provides few
more relevant features that are required for todays enterprise applications.
Thanks
Rajib
Wes Wannemacher wrote:
On Tuesday 20 January 2009
Maybe there's something I jut don't get, but two users sharing the
same issue sounds more like a security hole than a feature to me... If
a new users is performing a login in the same browser, I would make
sure that the old session is invalidated before the new user is logged
in.
Nils-H
On Sun,
On Sunday 18 January 2009 02:54:35 RajibJana wrote:
By conversation, I want to mean http session independent conversation. So
two simultaneous users sharing the same http session can work
independently, storing/retriving their own properties throughout the
application without having conflict
If
a new users is performing a login in the same browser, I would make
sure that the old session is invalidated before the new user is logged
in.
The old user may perform important operation ( may by ajax call), may hold
important info in the session. Before invalidate the old session, I need
Wes Wannemacher wrote:
Two users are not going to share the same session. Each user will get a new
session. That's how app servers work.
Check out the Seam conversation stuff.
It allows the same user (or, I suppose, two different users, but that's
not its primary purpose) to have multiple
On Sunday 18 January 2009 12:11:33 Dave Newton wrote:
Check out the Seam conversation stuff.
It allows the same user (or, I suppose, two different users, but that's
not its primary purpose) to have multiple session states.
I could, say, have two tabs open, but each has a conversation scope.
I'm guessing conversations are just different partitions in the
session. At least that's how I've seen it implemented before. And I
don't see how that would support having multiple _users_ in the same
session. Sure, you could probably emulate it in some way, but I have
serious doubts if it would
option 2 and 3 are overheads for a large app
This is an overstatment. The real question is whether This overhead causes
major [performance, etc] problems for THE app , u are working on [not any
large app], or not. And that is the question which you can only answer.
regards,
RajibJana
Dave , you read my concern correctly, and my app needs the feature you have
mentioned ( I guess many of such), Its not the login issue alone, the app
needs multiple user sessions/conversations independent of http session, I
will check how SEAM is providing such feature.
Thanks
Rajib
Conversations are just state persisted over a session. They could be used
for long transactions, wizards, etc. The issue that you may lose track of
that state for a user if another user hijacks the session is not a use case
for a feature but a description of a bug.
Creating a separate
The issue that you may lose track of that state for a user if another user
hijacks the session is not a use case for a feature but a description of a
bug
--The issue is windows tabs overwrite each others data that are put into the
session because windows tabs share same http session. So
Thanks Wes for your reply.
The application requires userid info for various reasons like authorization,
auditing etc. Hidden key (security reason) or cookies ( may be disabled)
are not the good way to handle this situation. I am wondering whether this
is not a common requirement for any web
*If the user opens a new browser instance, then a new session is created
and both the windows have their own user id info( i.e. userid doesnt
override)*
Taking the above point into consideration...you can try this way
1.When User X logged in successfully, you are storing the id in the session.
OK, I may try this if no other solution emerges.
My question this is typical requirement for any enterprise level web app,
how Struts2 handles it?
If it does not able to, then there is no other option but to leave S2 and
look for other server frameworks. There is a need of looking beyond http
OK, If you find better solution, please let me know
On Sat, Jan 17, 2009 at 2:58 PM, RajibJana rajibj...@gmail.com wrote:
OK, I may try this if no other solution emerges.
My question this is typical requirement for any enterprise level web app,
how Struts2 handles it?
If it does not able
Seems to me S2 can not give better solution than you have mentioned.
I checked relevent codes in S2 ( e.g. scope interceptor) and IMO, struts 2
can not have feature like user session/conversation as it depends on http
session for session mgmt.
Thanks
Rajib
abhishek reddy wrote:
OK,
Please check http://www.roseindia.net/struts/struts2/struts2-login.shtml
Thanks
-Original Message-
From: RajibJana [mailto:rajibj...@gmail.com]
Sent: Saturday, January 17, 2009 4:35 PM
To: user@struts.apache.org
Subject: Re: Struts 2 session problem
Seems to me S2 can not give better
Deepak Kumar wrote:
Please check http://www.roseindia.net/struts/struts2/struts2-login.shtml
I don't see how that addresses the issue at all; perhaps you could
explain further?
Thanks,
Dave
-
To unsubscribe, e-mail:
Yes, Dave, the tutorial does not address the problem.
My application has user authentication page which has userid/password field.
The valid user id ( after checking the user info in db) is put into the
session map ( action implments sessionaware interface). The application has
lots of screens
There are a few solutions to your problem:
1- You can serialize your object as a hidden field and deserialize it on each
request if you need it. It serves like a baggage that you carry form page to
other. In this way, you avoid putting any object in session scope.
Some folks may argue that this
RajibJana wrote:
1) if one opens a window and a tabbed window, logs into the application by
giving different user id and password combinations, then two seperate
sessions are not created. As a result, in the session map userid overrides
each other and same user id ( last logged in user ) is
Dale Newfield wrote:
One running browser instance shares session across all windows. Using
Safari and Firefox in tandem will allow two sessions from one machine.
The OP wants a SEAM-like solution, but S2 doesn't have that
functionality built-in (nor do most other frameworks, AFAIK).
It
option 2 and 3 are overheads for a large app, I will check option 3 ,
currently I am using glassfish, will check whether option 3 is available in
gf.
Thanks
Rajib
Struts Two wrote:
There are a few solutions to your problem:
1- You can serialize your object as a hidden field and
DNewfield wrote:
RajibJana wrote:
1) if one opens a window and a tabbed window, logs into the application
by
giving different user id and password combinations, then two seperate
sessions are not created. As a result, in the session map userid
overrides
each other and same user id (
Sorry for replying late, as there is time diff ( living in India)
Yes, the app wants SEAM conversation feature. Does S 2.1.6 provide any such
feature or any other future version?
Thanks
Rajib
newton.dave wrote:
Dale Newfield wrote:
One running browser instance shares session across
Allowing a user to login again to a different ID using the same session is a
FAIL.
It is not really a S2 issue, but an authentication implementation issue. It
is true that S2 does not provide a default authentication/authorization
implementation, but Spring Security does the job very well.
This is not a authentication/authorization issue alone, app needs to maintain
various user session specific info that need to be accessed in other action
classes, enterprise level web app needs that. ( Thats why in SEAM, that is a
highlighted feature).
I can implement spring security, thats not
I agree conversations would be a nice feature, but aren't
conversations usually just different states in the application for the
same user? I'm having difficulties understanding how it would solve a
problem of two simultaneous users sharing the same session. I would
say that is more of a
By conversation, I want to mean http session independent conversation. So two
simultaneous users sharing the same http session can work independently,
storing/retriving their own properties throughout the application without
having conflict with other user .
Thanks
Rajib
Nils-Helge Garli
On Saturday 17 January 2009 00:23:49 RajibJana wrote:
1) A User opens a browser window( IE 7/Firfox) and logs in the application
as User X and the application shows the logged in userid as X and DB
transactions also get userid info as X.
2) The same user opens a bowser tab or new window from
49 matches
Mail list logo
