On 11/4/07, Chris Scott <[EMAIL PROTECTED]> wrote: > What Sean is suggesting as a 'UserService' can be thought of a a > SessionFacade. This is an object that you use to encapsulate all > access to the Session, and can provide methods like 'getCurrentUser()'
But I do *not* advocate a single generic session facade - I am very, very adamantly opposed to that approach because it totally breaks encapsulation: > or 'getValue(key)' (along with accompanying setters. Inside these ...that would mean any service component that has access to the facade could access *any* session variable! That totally defeats encapsulation - you might just as well refer to session scope directly. What I am suggesting is a service component that deals with user objects and as *part* of that role, it encapsulates how an individual user object is managed in memory. It may be held in session scope or it could be managed by a cookie (containing the user ID and you fetch the user details from the database as needed) or whatever. -- Sean A Corfield -- (904) 302-SEAN An Architect's View -- http://corfield.org/ "If you're not annoying somebody, you're not really alive." -- Margaret Atwood
