This is one of scenerios I was talking about.But I am not sure if this problem is specific to forms being in session.I mean even if the form is in request(but has al teh data necessery to perform the request), even in this case the user may have 2 different windows open(One old and one latest)and submit the old one but actuall the current state being already updated by user in another window.And This is the exact scenerio where struts token mechanism comes into picture, but that is not the point we are discussing...
The other scenerio can be as follows.(The assumption is same form is being used for multiple related/Unrelated actions.And I think this is mainly the case when forms are kept in session). So in this case, the form may accumulate a number of properties which will be used by action to call service layer.But the same properties of the form may be set differently if the user has followed a different path(This being quite possible in a web application as the user may have performed any sequence of actions before actually caling a specific action.)So you do not have explicit control over the data being used by the action. But if the same form is request scope, you have to exactly know what properties are required in an action & you consiously have to pass those properties either as request parameters or as hidden parameters.And even after that if you need to take anything from session, that is also not implicit but very explicit design decision.And you have to code in action to get it from session.So the developer knows exactly what data he needs and what he is taking from the global repository(Session). I know this does not make it very clear(Soem use case scenerio would have been better .But in a fairly complex project, this becomes a very big problem,especialy when diferent developers maintain each others code.The data flow is not quite clear if the form is in session. HTH. regards, Shirish -----Original Message----- From: Robert Nocera [mailto:[EMAIL PROTECTED] Sent: Friday, February 13, 2004 5:41 PM To: 'Struts Users Mailing List' Subject: RE: [OT] - Request against Session Mark, My interpretation of that comment was that if a user has two windows open and are going back and forth between the windows, the system may use information from one window to update the information in the session that actually relates to the old window. This would be a pretty poor design, but it's the only interpretation I can guess. So the following could happen: 1. User chooses to edit order A. 2. Order A information is stored in the session and user is taken to an order edit screen. 3. User chooses to edit order B in a new window. 4. Order B information is stored in the session and user is taken to an order edit screen. 5. User goes back to edit screen for order A and adds an item. 6. Because the session has Order B info in it, the info is either added to Order B (instead of the intended Order A) Seems to me a pretty easy thing to check if the info they are updating relates to the info in the session, but that could be just me. -Rob -----Original Message----- From: Mark Lowe [mailto:[EMAIL PROTECTED] Sent: Friday, February 13, 2004 11:22 AM To: Struts Users Mailing List Subject: Re: [OT] - Request against Session Am i to assume that there's no issue then ? or am i being too stupid to warrant a response? --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
