Thanx very much Craig!!! The reason I went thru this whole thing was that I
DIDNT wanted to have a JDBC Pooling kinda mechanism, I mean I am doing the
user authentication via backend(oracle db) login which means I would have to
create an explicit connection and maintain that for each user. First I was
going to put the DBManagerBean in session scope but I read in the
JSP-INTEREST mailing that stuffing connection in session is not a good
practice(serialization??) so I managed things like that via the loginbean.
Am I right on that??? So if I made my LoginBean of session scope and took
out the hashtable stuff(managing sessions) would that be a way around??
Nothing is an "application" scope as I see it including the DB connection
since its a per user/per session based thing.
Once Again Thnx!!!
-----Original Message-----
From: Craig R. McClanahan [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 13, 1999 7:24 PM
To: [EMAIL PROTECTED]
Subject: Re: Design Question??
"Imam, Asim, CFCTR" wrote:
> Hi Folks,
>
> I finally have done developing a JSP query application. I need ur experts
> advice on the following code I have written that hopefully I havent
written
> anything illegal(in terms of designing this thing) or if it is a poor/good
> way of doing things in JSP environment.
>
> Greatly appreciate any help..thanx in advance
>
As you might imagine, there is lots of room for variation in designs like
this.
The following comments reflect my own personal design preferences more than
any
issue of being "good" or "bad".
When looking at your login bean, it seems to me that you are combining two
conceptual objects that have both different lifetimes and different numbers
of
occurrences:
* A mechanism to utilize a database of some sort
to validate username/password combinations
(one instance needed, shared across the entire
application for its entire life).
* A mechanism to record the fact that a particular
user has logged on at a particular moment and
created a particular session (one instance per
session required, should go away when the session
is invalidated or times out).
In my designs, I use an application-scope bean for the first requirement, so
that
any servlet or JSP page in the app that needs access to the database can do
so.
(In my apps, this object is in fact a JDBC connection pool). It is
initialized
when the app starts up, and finalized when the app shuts down.
When users actually log on, I create an object (in my apps it is also called
LoginBean) that is stored with session scope, instead of application scope.
This
avoids any requirement for me to create internal hashtables to keep track of
multiple sessions -- the server is doing that for me already because it
keeps the
individual sessions in some sort of a collection like this.anyway. When the
user
logs off, the session is invalidated and any objects in it (including the
LoginBean) are removed and made available for garbage collection. If you
need to
do any application level cleanup, having this kind of LoginBean implement
HttpSessionBindingListener is a useful strategy.
Using this technique, I can also use the *absence* of a LoginBean object
with
session scope as an indication that one of the following things happened:
* The user's session has timed out, so a new one was
created for me (because I said session=true in the
page directive). The new session will have no session
scope objects any more.
* The user followed a hyperlink to a page in the middle
of my app, trying to bypass the login form.
In either case, the action I take is to forward the user to my login form.
Craig McClanahan
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
FAQs on JSP can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
FAQs on JSP can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
