• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Liutauras Vilda
  • Junilu Lacar
Sheriffs:
  • Tim Cooke
  • Jeanne Boyarsky
  • Knute Snortum
Saloon Keepers:
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Carey Brown
  • Piet Souris
Bartenders:
  • salvin francis
  • fred rosenberger
  • Frits Walraven

HttpSession Dilemma

 
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am sure this topic has been discussed before.
I have a web application which draws heavy traffic (still!). User preferences are needed thru out the session. If I use session to store these I get in serious session management issue and system crashing.
I came up with a custom HttpSession solution where, I store all simple objects (int,strings) in the cookie. If there are any complex object (Map), I create HttpSession and store the complex object in HttpSession.
If a user had cookie disabled then we will store everything in HttpSession.
This model work great except first time, when the request comes in and user has cookie disabled: I loose the data since once I check the cookie first time, its too late to create the HttpSession. After that it works fine.
Any suggestions how to solve this problem or alternative to this whole approach.
 
Ranch Hand
Posts: 413
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I just posted something that sounds simular to that here (look at he end of that thread):
https://coderanch.com/t/281041/JSP/java/Back-button-JSP
 
Sandep Chaturvedi
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks. It sure is a good idea - but what if I want to store data which I dont want user to know about (he can grab it from the form if he knows its there)?
 
Yuriy Fuksenko
Ranch Hand
Posts: 413
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes,
He can grab it from a form, transform to byte array, create ByteArrayInputStream than use ZipInputStream and ObjectInputStream, read the object, than cast it to a HashMap and get this values
If you really conserned about this, you could encrypt a result string on a way to your page and decrypt it when you get it back.
 
Ranch Hand
Posts: 150
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How about put all object into HttpSession object. This is what I do. It works fine.
??
 
Yuriy Fuksenko
Ranch Hand
Posts: 413
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
There are some disadvantages in using HttpSession :
1. You need to keep your page in sinc with session info. Back button could easly blow up you web app.
2. scalability. A lot of users with session information will eat memory on a server.
3. If user does in IE File-New-Window, or opens multiple instances of NS, this windows will share same session, so if you access same page from both of them you could get some unpredictable results.
I am not saying "don't use HttpSession". I am saing "there is an altrnatives" so, use it if you want, or use something else, if you like it better.
[ August 29, 2002: Message edited by: Yuriy Fuksenko ]
 
Would you like to try a free sample? Today we are featuring tiny ads:
Two software engineers solve most of the world's problems in one K&R sized book
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
    Bookmark Topic Watch Topic
  • New Topic