> Does anyone have any advice on a good way to handle the situation where a
> user bookmarks pages in your web app that require data from previous
entries
> in it's session attributes?
This can be tricky, but you may see if you can structure things early on to
not require things be stored in the session. It may be heresy, but holding
things in sessions can be a real mistake in the web world. For one thing,
sessions generally time out, so if someone goes to your page, then goes to
the bathroom or lunch and then tries to continue, they will usually get an
error. Also, holding too much in a session means that your site will not
scale up -- which is not a problem for many sites that really don't have so
many visitors (let's face it, 90% of the traffic is going to only 10-20
sites, so most people really don't have sites that generate that much
traffic -- possibly on a few thousand per day when they are doing okay).
One other problem that you haven't seen, no doubt, is that bookmarks are
just one form of the problem. There are others, including people sending a
link via email to someone else, or a search engine holding your link when
crawling your site. In general, whenever possible, make sure each page that
has its own URL is accessible by specifying the URL (I suppose you can use
frames when you want a series of pages to work as a single construct rather
than being individually addressable) regardless of session information. And
you might want to instruct compliant robots to not index pages that cannot
be accessed except by going through a process in a session.
The last point is that most web crawlers cannot index sites very well that
require session stuff, since they generally will not recognize cookies, and
if you use URL rewriting to include a session id, they will be included in
the URL that is "remembered" even though that session id will not be valid
later, and finally the web crawler will not go through your site in a
human-logical way, so pages will be accessed "out of session order"!
The best bet is to remain context free.
David
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
FAQs on JSP can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
