Where can I read about how things are stored in the session?
In particular is it a deep copy of the object? ie. recursively copies all
reference objects too?
ie. if I have an object reference that's stored in the session (the object I
assume) and I change some state.. If I ask for it out of the session again
what state will it show?
I'd also like feedback on the following.
The site i'm at has the following user hierarchy
User
Authenticated User
Admin User
....
Basically you can have three types of users and unfortunately they used
subclassing. I say unfortunately because these things are stored in the
session and it's common to see code like this
AuthenticatedUser u = (AuthenticatedUser)unauthenticatedUser
and
AdminUser a = (AdminUser)u
and every now and then you get casting exceptions because the code doesn't
deal with the permuations correctly.
Is it not better to simply use state on a regular User account to indicate
authentication or not and administritive rights and just use User types
without subclassing?
Is putting subtypes of types in the session discouraged? What I mean is not
being consistent about the type of the object for the key and having no
other indicator of the object other than instanceof?
....
I would feel much more comfortable using bit flags/state etc on a regular
User type and just putting those in the sessions rather than assuming that
under the key UESR in the session could be a User or AuthenticatedUser or
AdminUser
.....
Anyone care to chime in here?
---
Robert Nicholson
Email: [EMAIL PROTECTED]
AOL : rydmerlin
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
