On Mon, Feb 22, 2010 at 5:58 PM, Strom <[email protected]> wrote: > Sometimes the best solution is the simplest, and in this case, > overlooked. >
Please keep in mind that if you carry the primary key around in the URL, then (1) you've exposed the primary key to the world (this can have negatives including giving people an idea of home many of a given item you have in your RDBMS) and (2) you have to do a lot of value checking on each page submit to make sure that whoever is accessing the record has permission to access the record. > > Thanks Ross! > Strom > > On Feb 22, 5:46 pm, Ross Mellgren <[email protected]> wrote: > > On Feb 22, 2010, at 8:39 PM, Strom wrote: > > > > > Thanks for responding Ross. Always helpful. > > > > > On Feb 22, 5:25 pm, Ross Mellgren <[email protected]> wrote: > > >> Session scope is until the LiftSession expires (which is tied to the > container session) and is longer. > > > How does one determine the container session scope? Anywhere I can > > > read up on this basic knowledge? > > > > Well the precise details depend on the container, but most containers by > default set a cookie called JSESSIONID that is used to maintain the session > ID and the cookie last until browser logout. The server-side session data is > usually kept alive 20 minutes from the most recent time a request used that > session ID, but it's configurable in web.xml, and perhaps overridable in > whatever container-specific config is available. > > > > >> Request scope is during the "current page" which means the original > page request and any associated AJAX callbacks and other function bindings. > > > Does this include redirects to the same page with additional query > > > parameters? I'm using this to search, and would like to have the query > > > params so people can bookmark their search. > > > > I don't believe it includes these. If you want something bookmarkable, > you should explicitly place whatever parameters need to persist in the query > string -- function mapping bindings are ephemeral, and even so the session > would be expired by the time the bookmark was used. > > > > > Thanks again! > > > > No problem. > > > > -Ross > > -- > You received this message because you are subscribed to the Google Groups > "Lift" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<liftweb%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/liftweb?hl=en. > > -- Lift, the simply functional web framework http://liftweb.net Beginning Scala http://www.apress.com/book/view/1430219890 Follow me: http://twitter.com/dpp Surf the harmonics -- You received this message because you are subscribed to the Google Groups "Lift" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/liftweb?hl=en.
