Larry
That is pretty cool. We implemented an HttpSessionBindingListener class
and registered it. That gets called when the session is getting blown
away.
Tony
----
Larry Cable wrote:
>
> Note that *just* storing the EJB reference on the HttpSession is
> *not* sufficient, since the
> HttpSession can in invaldiated or can timeout regardless of the fact
> that the client does not
> believe it has completed it's interaction with the server. Thus you
> should encode the Serialized
> Handle to the EJBObject as a Cookie in the HttpServletResponse and
> restore it from the Cookie
> retrurned in subsequent HttpServletRequest(s) (as per my previous
> example).
>
> Also note that until we introduce a better definition of an
> Application Model for Servlets that
> storing such state in the HttpSession object has security
> implications in that it can be shared
> across all Servlets in a web server ... we hope to fix this real
> soon now as part of the JSP and
> Servlet work we are doing for J2EE ...
>
> Rgds
>
> - Larry
>
> ===========================================================================
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff EJB-INTEREST". For general help, send email to
> [EMAIL PROTECTED] and include in the body of the message "help".
--
Tony Holderith | Interactive Business Solutions
[EMAIL PROTECTED] | NetCentric Solutions
http://www.interactivebusiness.com | Business Objects
voice: 310.414.6760 | fax: 310.414.6759
Don't connect to the Internet - be there. IBS
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
