Hi, Over in Apache Sling, we create new sessions for each request.
We used to have Session pooling (maintain a pool of open sessions per user to be reused on future requests). But this proved unstable and slower than calling Repository.login on each request (!) and we will remove the Session pool code in the near future. We do not use any HTTP Session. Also we do not share sessions between requests. The problem, you will have doing this is, that Session objects are not thread safe. So while reading from the same session concurrently will generally be rather safe (no guarantee, though), writing concurrently with the same sessions is a guaranteed failure. Hope this helps. Regards Felix On 21.01.2010 18:41, John Tranier wrote: > Hi everybody, > > I would like to have advices about how I should handle JCR sessions in > my application context. > I have read the guide on the wiki, but I'm not clear about what is > called "transient mods", if my application fall into it, and finally how > to deal with that case. > > I am using a Jackrabbit repository to handle personal storage space for > users of my web application. I've defined personalized access for each > users, so it's about personalized accounts. > > Up to now, I've handled sessions by creating a session for each http > request. But since my application makes use of AJAX to display the tree > view of the personal space of a user, a lot of requests may be launched > in sequence, causing a lot of login/logout... > > Would it be a better practice to use a http session scope instead of > request scope, with eventually a TTL after which a session would be closed? > > Thanks in advance, > John > > >
