On 29 oct. 2010, at 11:08, Stefan Andersson wrote:
>
> But, how did you solve session persistence in the java web server for
> authentication?
>
We are using JEE session. We are using Tomcat and/or Jetty.
JEE session is kept alive by the web container, there is nothing to do but in
that case creating a new session for each call just break JEE architecture,
except if what you call a session is not a JEE session.
Do you use that method to create a JEE session ? You can ensure to get the
current existing session if any or create the session if and only if there is
no existing JEE session.
http://download.oracle.com/javaee/1.3/api/javax/servlet/http/HttpServletRequest.html#getSession%28boolean%29
As explained, we handle authentication in a filter, so there is definitively no
session at all in our RPC services.
Also, double check that RPCJava is not creating a session, I remember having
seen code I didn't like about that, but not sure, it was more than one year ago
...
A quick way to check that would be to search for "session" keyword in RPCJava
contrib code. You should not find anything since RPC and session should not be
linked.
> Stefan
JBB.
------------------------------------------------------------------------------
Nokia and AT&T present the 2010 Calling All Innovators-North America contest
Create new apps & games for the Nokia N8 for consumers in U.S. and Canada
$10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing
Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store
http://p.sf.net/sfu/nokia-dev2dev
_______________________________________________
qooxdoo-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/qooxdoo-devel
