Hey what does that thing implementing ApplicationAware really do for you? On 8/26/07, Mark Rollins <[EMAIL PROTECTED]> wrote: > > > You are correct - I decided to refactor as I was pasting!! Sorry. > > > Rod Bollinger wrote: > > > > This may not be the only issue but I do see a typo in setSession()... > > > > It should be: this.session = session; instead of this.session = map; > > > > -Rod > > > > > > -----Original Message----- > > From: Mark Rollins [mailto:[EMAIL PROTECTED] > > Sent: Saturday, August 25, 2007 05:47 > > To: user@struts.apache.org > > Subject: Re: Session problem > > > > > > > > This is my first Struts app, so it's quite simplistic. What I'm trying > to > > achieve is to lock down certain processes so that only one user can run > > them > > at a time. I intended to do this by having an application variable > holding > > the User object for the user currently running the process and examining > > this prior to starting the process and reporting who was running it if > it > > was already running. > > > > All Actions extend BaseActionSupport (this is a cut down version)... > > > > //============================== > > > > public abstract class BaseActionSupport extends ActionSupport implements > > SessionAware, ApplicationAware { > > > > protected Map session; > > protected Map application; > > > > ... > > public void setSession(Map session) { > > this.session = map; > > } > > > > public void setApplication(Map application) { > > this.application = application; > > } > > ... > > > > public User getUser() { > > return (User) session.get(CURRENT_USER); > > } > > > > ... > > > > protected boolean setProcessLock(String lockName) throws > > ActionException > > { > > > > if(lockName.equals("")) throw new ActionException("Lockname not > > specified in setProcessLock"); > > > > User processLock=(User) application.get(lockName); > > > > if(processLock!=null) > > throw new ActionException("Process lock "+lockName+" already > > set. Use checkProcessLock() first."); > > else{ > > application.put(lockName, this.getUser()); > > return true; > > } > > } > > ... > > } > > > > //============================== > > > > > > In the LoginAction, where User bean is declared with "prototype" > scope... > > > > ... > > ApplicationContext context = SpringUtils.getApplicationContext > (); > > User usr = (User) context.getBean("User"); > > > > > > ... > > if (usr.exists(userID)) { > > usr.getUser(userID); > > if (usr.validPassword(password)) { > > logger.info("User " + usr.getUserID() + " logged on."); > > session.put(CURRENT_USER, usr); > > return SUCCESS; > > } > > } > > ... > > > > > > > > //============================== > > > > > > In setProcessLock, the getUser() call returns the second user object > when > > run by the first user (using the previous example). There may be no > other > > actions between the login and the process commencing so the opportunity > > for > > overwriting is very limited, and I don't think this is the problem > (well, > > not directly anyway). > > > > > > > > Laurie Harper wrote: > >> > >> You have some cross-talk somewhere in your code, by the sound of it. > >> Take a look at any code that touches the session; you probably have > >> something somewhere that's at the wrong scope (in application scope > when > >> it should be session/request, a Spring bean accidentally configured as > >> singleton scope, ...). > >> > >> Without access to your source code, it's impossible to say much more > >> than that but if you can narrow it down and post the code that's > causing > >> the problem, someone may be able to explain why it's not working as you > >> expected. > >> > >> L. > >> > >> MARollins wrote: > >>> I am running everything from one machine, but access the app from > >>> different > >>> browsers in order to get different sessions (ie IE and Firefox). I > have > >>> tried the second user from another machine and it didn't make any > >>> difference. > >>> > >>> The app also uses Spring, but I have configured this to give me a new > >>> user > >>> object as required rather than the default singleton, and I'm happy > this > >>> is > >>> working. > >>> > >>> When logging in for the second user, I can see that the session map is > >>> empty > >>> for the new user's session, then session.put is called with the new > user > >>> object, and this seems OK. > >>> > >>> If I then call an action using the first user and access the session > >>> map, > >>> hey presto, I've got the user object from the second user. > >>> > >>> Server is Tomcat 5.5 and Struts is v2. > >>> > >>> > >>> newton.dave wrote: > >>>> --- MARollins <[EMAIL PROTECTED]> wrote: > >>>>> I'm having a problem whereby objects saved on the > >>>>> Session are visible to other sessions. > >>>>> > >>>>> For example, the login page saves a new User object > >>>>> on the session using session.put (I have a base > >>>> class > >>>>> for all my Actions which implements SessionAware in > >>>>> order to be able to access Session variables). When > >>>> a > >>>>> second user logs on, the first user then sees the > >>>>> second user's ID. It's almost like we're writing to > >>>>> the application rather than the session. > >>>>> > >>>>> Any ideas where I'm going wrong? > >>>> Not with so little information to go on. > >>>> > >>>> Is the "second user's login" happening from a > >>>> different machine and / or different browser? > >>>> > >>>> d. > >>>> > >>>> > >>>> --------------------------------------------------------------------- > >>>> To unsubscribe, e-mail: [EMAIL PROTECTED] > >>>> For additional commands, e-mail: [EMAIL PROTECTED] > >>>> > >>>> > >>>> > >>> > >> > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > >> > > > > -- > > View this message in context: > > http://www.nabble.com/Session-problem-tf4324658.html#a12324676 > > Sent from the Struts - User mailing list archive at Nabble.com. > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > -- > View this message in context: > http://www.nabble.com/Session-problem-tf4324658.html#a12333777 > Sent from the Struts - User mailing list archive at Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
-- Pavel Sapozhnikov xFact, Inc [EMAIL PROTECTED]
