Re: Storing user entity in session?
Martijn, I see your point about users clicking fast and causing an exception if I keep a User in the session (transient or otherwise). I too would be curious to see some example code of how you handle the situation. Thanks, Tauren On Mon, Feb 23, 2009 at 11:47 PM, Alexander Lohse a...@humantouch.de wrote: Hi Martijn, could you paste some short example code to point out how to load and access a UserModel in the requestcycle? Regards, Alex Am 23.02.2009 um 08:42 schrieb Martijn Dashorst: - Show quoted text - Storing the user in a field of Session is wrong. Didn't you read the concurrency caveats I posted earlier? When users click fast enough, you'll get Hibernate exceptions pretty soon. Entity instances can't be shared between multiple threads. Putting them in the Session exposes them to that threat. Putting transient before the field doesn't mitigate that, neither does synchronized. Martijn On Fri, Feb 20, 2009 at 11:25 PM, Tauren Mills tau...@groovee.com wrote: Nino and Martijn, Thanks for the help. Last night I was looking through the elephas code and found a solution that I think will work for me. It doesn't store an LDM in the session, but stores an identifier and a *transient* instance of User. This seems like an effective solution to me. I tried it out and haven't had problems yet. Here's the elephas session so you can see for yourself: http://code.google.com/p/elephas/source/browse/trunk/src/main/java/org/elephas/webapp/application/ElephasSession.java?r=87 Then on my page, I just do something like this: setDefaultModel(new DetachableUserModel(getSession().getUser(),userDao)); Please let me know your thoughts on this. Thanks, Tauren On Fri, Feb 20, 2009 at 2:05 AM, nino martinez wael nino.martinez.w...@gmail.com wrote: Hi Tauren I've done something similar.. Have no trouble with.. Disclaimer, below code are really ugly and I need to clean it up... - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Become a Wicket expert, learn from the best: http://wicketinaction.com Apache Wicket 1.3.5 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org __ A designer knows he has achieved perfection not when there is nothing left to add, but when there is nothing left to take away. (Antoine de Saint Exupéry) . Alexander Lohse • Entwicklungsleitung Projektmanagement Tel +49 38374 752 11 • Fax +49 38374 752 23 http://www.humantouch.de Human Touch Medienproduktion GmbH Am See 1 • 17440 Klein Jasedow • Deutschland Geschäftsführung: Lara Mallien, Nele Hybsier, Alexander Lohse, Johannes Heimrath (Senior) Handelsregister Stralsund • HRB 4192 • USt-IdNr. DE128367684 - Show quoted text - - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Storing user entity in session?
I already told that in this thread: move your entity storage to your custom request cycle, and just keep the entity identifier in your custom session. then always access the entity either directly from the request cycle, or through delegates from your session. There's no rocket science here. Martijn On Fri, Mar 6, 2009 at 7:27 AM, Tauren Mills tau...@groovee.com wrote: Martijn, I see your point about users clicking fast and causing an exception if I keep a User in the session (transient or otherwise). I too would be curious to see some example code of how you handle the situation. Thanks, Tauren On Mon, Feb 23, 2009 at 11:47 PM, Alexander Lohse a...@humantouch.de wrote: Hi Martijn, could you paste some short example code to point out how to load and access a UserModel in the requestcycle? Regards, Alex Am 23.02.2009 um 08:42 schrieb Martijn Dashorst: - Show quoted text - Storing the user in a field of Session is wrong. Didn't you read the concurrency caveats I posted earlier? When users click fast enough, you'll get Hibernate exceptions pretty soon. Entity instances can't be shared between multiple threads. Putting them in the Session exposes them to that threat. Putting transient before the field doesn't mitigate that, neither does synchronized. Martijn On Fri, Feb 20, 2009 at 11:25 PM, Tauren Mills tau...@groovee.com wrote: Nino and Martijn, Thanks for the help. Last night I was looking through the elephas code and found a solution that I think will work for me. It doesn't store an LDM in the session, but stores an identifier and a *transient* instance of User. This seems like an effective solution to me. I tried it out and haven't had problems yet. Here's the elephas session so you can see for yourself: http://code.google.com/p/elephas/source/browse/trunk/src/main/java/org/elephas/webapp/application/ElephasSession.java?r=87 Then on my page, I just do something like this: setDefaultModel(new DetachableUserModel(getSession().getUser(),userDao)); Please let me know your thoughts on this. Thanks, Tauren On Fri, Feb 20, 2009 at 2:05 AM, nino martinez wael nino.martinez.w...@gmail.com wrote: Hi Tauren I've done something similar.. Have no trouble with.. Disclaimer, below code are really ugly and I need to clean it up... - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Become a Wicket expert, learn from the best: http://wicketinaction.com Apache Wicket 1.3.5 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org __ A designer knows he has achieved perfection not when there is nothing left to add, but when there is nothing left to take away. (Antoine de Saint Exupéry) . Alexander Lohse • Entwicklungsleitung Projektmanagement Tel +49 38374 752 11 • Fax +49 38374 752 23 http://www.humantouch.de Human Touch Medienproduktion GmbH Am See 1 • 17440 Klein Jasedow • Deutschland Geschäftsführung: Lara Mallien, Nele Hybsier, Alexander Lohse, Johannes Heimrath (Senior) Handelsregister Stralsund • HRB 4192 • USt-IdNr. DE128367684 - Show quoted text - - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Become a Wicket expert, learn from the best: http://wicketinaction.com Apache Wicket 1.3.5 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Storing user entity in session?
Jumping in here part way through the thread, so apologies if you've covered this already. What we do is simply store a key that represents the user (and maybe a small amount of data that is accessed about the user on every page). In general we find that our persistence is much more reliable if we don't try to optimize it before we know that we need to. Most operation only really require the user key to get or update data as the user authentication data doesn't change all that much (it's all the data attached to the user that does). In general I can't image you need to store a whole user object transient or not. Hope that helps, - Brill On 23-Feb-09, at 2:42 AM, Martijn Dashorst wrote: Storing the user in a field of Session is wrong. Didn't you read the concurrency caveats I posted earlier? When users click fast enough, you'll get Hibernate exceptions pretty soon. Entity instances can't be shared between multiple threads. Putting them in the Session exposes them to that threat. Putting transient before the field doesn't mitigate that, neither does synchronized. Martijn On Fri, Feb 20, 2009 at 11:25 PM, Tauren Mills tau...@groovee.com wrote: Nino and Martijn, Thanks for the help. Last night I was looking through the elephas code and found a solution that I think will work for me. It doesn't store an LDM in the session, but stores an identifier and a *transient* instance of User. This seems like an effective solution to me. I tried it out and haven't had problems yet. Here's the elephas session so you can see for yourself: http://code.google.com/p/elephas/source/browse/trunk/src/main/java/org/elephas/webapp/application/ElephasSession.java?r=87 Then on my page, I just do something like this: setDefaultModel(new DetachableUserModel(getSession().getUser(),userDao)); Please let me know your thoughts on this. Thanks, Tauren On Fri, Feb 20, 2009 at 2:05 AM, nino martinez wael nino.martinez.w...@gmail.com wrote: Hi Tauren I've done something similar.. Have no trouble with.. Disclaimer, below code are really ugly and I need to clean it up... - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Become a Wicket expert, learn from the best: http://wicketinaction.com Apache Wicket 1.3.5 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Storing user entity in session?
Having access to the complete user object, comes in handy if you use compound models.. Like the CompundPropertyModel... But I see your point.. But it's also sort of what the LDM does, store some kind of identifier and then looks up the user if its not already loaded.. 2009/2/23 Brill Pappin br...@pappin.ca Jumping in here part way through the thread, so apologies if you've covered this already. What we do is simply store a key that represents the user (and maybe a small amount of data that is accessed about the user on every page). In general we find that our persistence is much more reliable if we don't try to optimize it before we know that we need to. Most operation only really require the user key to get or update data as the user authentication data doesn't change all that much (it's all the data attached to the user that does). In general I can't image you need to store a whole user object transient or not. Hope that helps, - Brill On 23-Feb-09, at 2:42 AM, Martijn Dashorst wrote: Storing the user in a field of Session is wrong. Didn't you read the concurrency caveats I posted earlier? When users click fast enough, you'll get Hibernate exceptions pretty soon. Entity instances can't be shared between multiple threads. Putting them in the Session exposes them to that threat. Putting transient before the field doesn't mitigate that, neither does synchronized. Martijn On Fri, Feb 20, 2009 at 11:25 PM, Tauren Mills tau...@groovee.com wrote: Nino and Martijn, Thanks for the help. Last night I was looking through the elephas code and found a solution that I think will work for me. It doesn't store an LDM in the session, but stores an identifier and a *transient* instance of User. This seems like an effective solution to me. I tried it out and haven't had problems yet. Here's the elephas session so you can see for yourself: http://code.google.com/p/elephas/source/browse/trunk/src/main/java/org/elephas/webapp/application/ElephasSession.java?r=87 Then on my page, I just do something like this: setDefaultModel(new DetachableUserModel(getSession().getUser(),userDao)); Please let me know your thoughts on this. Thanks, Tauren On Fri, Feb 20, 2009 at 2:05 AM, nino martinez wael nino.martinez.w...@gmail.com wrote: Hi Tauren I've done something similar.. Have no trouble with.. Disclaimer, below code are really ugly and I need to clean it up... - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Become a Wicket expert, learn from the best: http://wicketinaction.com Apache Wicket 1.3.5 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Storing user entity in session?
Hi Martijn, could you paste some short example code to point out how to load and access a UserModel in the requestcycle? Regards, Alex Am 23.02.2009 um 08:42 schrieb Martijn Dashorst: Storing the user in a field of Session is wrong. Didn't you read the concurrency caveats I posted earlier? When users click fast enough, you'll get Hibernate exceptions pretty soon. Entity instances can't be shared between multiple threads. Putting them in the Session exposes them to that threat. Putting transient before the field doesn't mitigate that, neither does synchronized. Martijn On Fri, Feb 20, 2009 at 11:25 PM, Tauren Mills tau...@groovee.com wrote: Nino and Martijn, Thanks for the help. Last night I was looking through the elephas code and found a solution that I think will work for me. It doesn't store an LDM in the session, but stores an identifier and a *transient* instance of User. This seems like an effective solution to me. I tried it out and haven't had problems yet. Here's the elephas session so you can see for yourself: http://code.google.com/p/elephas/source/browse/trunk/src/main/java/org/elephas/webapp/application/ElephasSession.java?r=87 Then on my page, I just do something like this: setDefaultModel(new DetachableUserModel(getSession().getUser(),userDao)); Please let me know your thoughts on this. Thanks, Tauren On Fri, Feb 20, 2009 at 2:05 AM, nino martinez wael nino.martinez.w...@gmail.com wrote: Hi Tauren I've done something similar.. Have no trouble with.. Disclaimer, below code are really ugly and I need to clean it up... - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Become a Wicket expert, learn from the best: http://wicketinaction.com Apache Wicket 1.3.5 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org __ A designer knows he has achieved perfection not when there is nothing left to add, but when there is nothing left to take away. (Antoine de Saint Exupéry) . Alexander Lohse • Entwicklungsleitung Projektmanagement Tel +49 38374 752 11 • Fax +49 38374 752 23 http://www.humantouch.de Human Touch Medienproduktion GmbH Am See 1 • 17440 Klein Jasedow • Deutschland Geschäftsführung: Lara Mallien, Nele Hybsier, Alexander Lohse, Johannes Heimrath (Senior) Handelsregister Stralsund • HRB 4192 • USt-IdNr. DE128367684 - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Storing user entity in session?
I think it looks fine.. However I'd delegate the creation of the model to session... page setDefaultModel(getSession().getUserModel()) session: function DetachableUserModel getUserModel() { return new DetachableUserModel(getSession().getUser(),userDao); } 2009/2/20 Tauren Mills tau...@groovee.com Nino and Martijn, Thanks for the help. Last night I was looking through the elephas code and found a solution that I think will work for me. It doesn't store an LDM in the session, but stores an identifier and a *transient* instance of User. This seems like an effective solution to me. I tried it out and haven't had problems yet. Here's the elephas session so you can see for yourself: http://code.google.com/p/elephas/source/browse/trunk/src/main/java/org/elephas/webapp/application/ElephasSession.java?r=87 Then on my page, I just do something like this: setDefaultModel(new DetachableUserModel(getSession().getUser(),userDao)); Please let me know your thoughts on this. Thanks, Tauren On Fri, Feb 20, 2009 at 2:05 AM, nino martinez wael nino.martinez.w...@gmail.com wrote: Hi Tauren I've done something similar.. Have no trouble with.. Disclaimer, below code are really ugly and I need to clean it up... - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Storing user entity in session?
Storing the user in a field of Session is wrong. Didn't you read the concurrency caveats I posted earlier? When users click fast enough, you'll get Hibernate exceptions pretty soon. Entity instances can't be shared between multiple threads. Putting them in the Session exposes them to that threat. Putting transient before the field doesn't mitigate that, neither does synchronized. Martijn On Fri, Feb 20, 2009 at 11:25 PM, Tauren Mills tau...@groovee.com wrote: Nino and Martijn, Thanks for the help. Last night I was looking through the elephas code and found a solution that I think will work for me. It doesn't store an LDM in the session, but stores an identifier and a *transient* instance of User. This seems like an effective solution to me. I tried it out and haven't had problems yet. Here's the elephas session so you can see for yourself: http://code.google.com/p/elephas/source/browse/trunk/src/main/java/org/elephas/webapp/application/ElephasSession.java?r=87 Then on my page, I just do something like this: setDefaultModel(new DetachableUserModel(getSession().getUser(),userDao)); Please let me know your thoughts on this. Thanks, Tauren On Fri, Feb 20, 2009 at 2:05 AM, nino martinez wael nino.martinez.w...@gmail.com wrote: Hi Tauren I've done something similar.. Have no trouble with.. Disclaimer, below code are really ugly and I need to clean it up... - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Become a Wicket expert, learn from the best: http://wicketinaction.com Apache Wicket 1.3.5 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Storing user entity in session?
Hi Tauren I've done something similar.. Have no trouble with.. Disclaimer, below code are really ugly and I need to clean it up... package zeuzgroup.application; import org.apache.wicket.Request; import org.apache.wicket.authentication.AuthenticatedWebSession; import org.apache.wicket.authorization.strategies.role.Roles; import org.apache.wicket.injection.web.InjectorHolder; import org.apache.wicket.spring.injection.annot.SpringBean; import zeuzgroup.application.models.BaseEntityDetachableModel; import zeuzgroup.core.Person; import zeuzgroup.core.provider.IDBDao; import zeuzgroup.core.user.UserType; public class ZeuzSession extends AuthenticatedWebSession { private boolean authorized = false; private BaseEntityDetachableModelPerson personModel; @SpringBean(name = dBDao) protected IDBDao dBDao; protected ZeuzSession(Request request) { super(request); InjectorHolder.getInjector().inject(this); } @Override protected void detach() { super.detach(); if (personModel != null) { personModel.detach(); } } public boolean isAuthorized() { return authorized; } public void setAuthorized(boolean authorized) { this.authorized = authorized; if (authorized) { getPerson().setLoggedIn(true); } // Call below too! signIn(getPerson().getAlias(), getPerson().getPassword()); } public Person getPerson() { if (personModel != null) { Person person = (Person) personModel.getObject(); if (person == null) { person = new Person(); person.setUserType(UserType.Guest); } return person; } else { Person person = new Person(); person.setUserType(UserType.Guest); return person; } } public BaseEntityDetachableModelPerson getPersonModel() { return personModel; } public void setPerson(Person person) { if (personModel != null) { personModel.setBaseEntityDetachableModel(person); } else { personModel = new BaseEntityDetachableModelPerson(person); } } public void onBeforeDestroy() { getPerson().setLoggedIn(false); } @Override public boolean authenticate(String username, String password) { Person person = new Person(); person.setAlias(username); person.setPassword(password); return dBDao.authorizePerson(person); } @Override public Roles getRoles() { // If the user is signed in, they have these roles // user always are associated with a person return new Roles(getPerson().getUserType().toString()); } } 2009/2/20 Tauren Mills tau...@tauren.com The WIA book and other example apps I've found online often show a User object being stored in the session: class BlogSession extends WebSession { private User user; } But does it make sense to do this if your User object is loaded from a persistence layer (Hibernate) and can contain a large tree of dependent objects? For instance, what if my User object has a hierarchy like this: User Name Password SetBlog Blog SetBlogEntry BlogEntry SetTag SetTag Would this store the entire hierarchy of blogs, tags, blog entries, etc. into the session? I've been experimenting with storing an LDM of the user in the session instead of the User directly: class BlogSession extends WebSession { private DetachableUserModel userModel; } But I'm getting Hibernate LazyInit errors. So it leaves me wondering if LDMs in Session aren't automatically loaded since it isn't a Component. I haven't really dug into what is going on yet. I first wanted to find out what is common practice for a situation like this. Oh, and this isn't my actual User object -- just and example for illustrative purposes. I'm not building a blog, and the properties and sets of objects in my User need to be there. Thanks! Tauren - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Storing user entity in session?
Hehe, my answer are the same as Martijn. Use the ID as key in LDM, see below. public class BaseEntityDetachableModel E extends BaseEntity extends LoadableDetachableModel { @SpringBean(name = dBDao) protected IDBDao dBDao; private Long id; private ClassE clazz; public BaseEntityDetachableModel() { InjectorHolder.getInjector().inject(this); } public BaseEntityDetachableModel(E baseEntity) { this(); this.id = baseEntity.getId(); this.clazz = (ClassE) baseEntity.getClass(); } public void setBaseEntityDetachableModel(E baseEntity) { this.id = baseEntity.getId(); this.clazz =(ClassE) baseEntity.getClass(); } @Override protected E load() { if(clazz!=null) { return dBDao.findEntity(id, clazz); } else{ return null; } } } 2009/2/20 nino martinez wael nino.martinez.w...@gmail.com Hi Tauren I've done something similar.. Have no trouble with.. Disclaimer, below code are really ugly and I need to clean it up... package zeuzgroup.application; import org.apache.wicket.Request; import org.apache.wicket.authentication.AuthenticatedWebSession; import org.apache.wicket.authorization.strategies.role.Roles; import org.apache.wicket.injection.web.InjectorHolder; import org.apache.wicket.spring.injection.annot.SpringBean; import zeuzgroup.application.models.BaseEntityDetachableModel; import zeuzgroup.core.Person; import zeuzgroup.core.provider.IDBDao; import zeuzgroup.core.user.UserType; public class ZeuzSession extends AuthenticatedWebSession { private boolean authorized = false; private BaseEntityDetachableModelPerson personModel; @SpringBean(name = dBDao) protected IDBDao dBDao; protected ZeuzSession(Request request) { super(request); InjectorHolder.getInjector().inject(this); } @Override protected void detach() { super.detach(); if (personModel != null) { personModel.detach(); } } public boolean isAuthorized() { return authorized; } public void setAuthorized(boolean authorized) { this.authorized = authorized; if (authorized) { getPerson().setLoggedIn(true); } // Call below too! signIn(getPerson().getAlias(), getPerson().getPassword()); } public Person getPerson() { if (personModel != null) { Person person = (Person) personModel.getObject(); if (person == null) { person = new Person(); person.setUserType(UserType.Guest); } return person; } else { Person person = new Person(); person.setUserType(UserType.Guest); return person; } } public BaseEntityDetachableModelPerson getPersonModel() { return personModel; } public void setPerson(Person person) { if (personModel != null) { personModel.setBaseEntityDetachableModel(person); } else { personModel = new BaseEntityDetachableModelPerson(person); } } public void onBeforeDestroy() { getPerson().setLoggedIn(false); } @Override public boolean authenticate(String username, String password) { Person person = new Person(); person.setAlias(username); person.setPassword(password); return dBDao.authorizePerson(person); } @Override public Roles getRoles() { // If the user is signed in, they have these roles // user always are associated with a person return new Roles(getPerson().getUserType().toString()); } } 2009/2/20 Tauren Mills tau...@tauren.com The WIA book and other example apps I've found online often show a User object being stored in the session: class BlogSession extends WebSession { private User user; } But does it make sense to do this if your User object is loaded from a persistence layer (Hibernate) and can contain a large tree of dependent objects? For instance, what if my User object has a hierarchy like this: User Name Password SetBlog Blog SetBlogEntry BlogEntry SetTag SetTag Would this store the entire hierarchy of blogs, tags, blog entries, etc. into the session? I've been experimenting with storing an LDM of the user in the session instead of the User directly: class BlogSession extends WebSession { private DetachableUserModel userModel; } But I'm getting Hibernate LazyInit errors. So it leaves me wondering if LDMs in Session aren't automatically loaded since it isn't a Component. I haven't really dug into what is going on yet. I first wanted to find out what is common practice for a situation like this. Oh, and this isn't my actual User object -- just and example for
Re: Storing user entity in session?
move the IModelPerson to your custom request cycle, otherwise you'll run into the issues I've pointed out earlier where on thread detaches while another attaches. Storing entities in your session when your interested in maintaining them with your entitymanager is BAD, even if you put it in a LDM. Martijn On Fri, Feb 20, 2009 at 11:05 AM, nino martinez wael nino.martinez.w...@gmail.com wrote: Hi Tauren I've done something similar.. Have no trouble with.. Disclaimer, below code are really ugly and I need to clean it up... package zeuzgroup.application; import org.apache.wicket.Request; import org.apache.wicket.authentication.AuthenticatedWebSession; import org.apache.wicket.authorization.strategies.role.Roles; import org.apache.wicket.injection.web.InjectorHolder; import org.apache.wicket.spring.injection.annot.SpringBean; import zeuzgroup.application.models.BaseEntityDetachableModel; import zeuzgroup.core.Person; import zeuzgroup.core.provider.IDBDao; import zeuzgroup.core.user.UserType; public class ZeuzSession extends AuthenticatedWebSession { private boolean authorized = false; private BaseEntityDetachableModelPerson personModel; @SpringBean(name = dBDao) protected IDBDao dBDao; protected ZeuzSession(Request request) { super(request); InjectorHolder.getInjector().inject(this); } @Override protected void detach() { super.detach(); if (personModel != null) { personModel.detach(); } } public boolean isAuthorized() { return authorized; } public void setAuthorized(boolean authorized) { this.authorized = authorized; if (authorized) { getPerson().setLoggedIn(true); } // Call below too! signIn(getPerson().getAlias(), getPerson().getPassword()); } public Person getPerson() { if (personModel != null) { Person person = (Person) personModel.getObject(); if (person == null) { person = new Person(); person.setUserType(UserType.Guest); } return person; } else { Person person = new Person(); person.setUserType(UserType.Guest); return person; } } public BaseEntityDetachableModelPerson getPersonModel() { return personModel; } public void setPerson(Person person) { if (personModel != null) { personModel.setBaseEntityDetachableModel(person); } else { personModel = new BaseEntityDetachableModelPerson(person); } } public void onBeforeDestroy() { getPerson().setLoggedIn(false); } @Override public boolean authenticate(String username, String password) { Person person = new Person(); person.setAlias(username); person.setPassword(password); return dBDao.authorizePerson(person); } @Override public Roles getRoles() { // If the user is signed in, they have these roles // user always are associated with a person return new Roles(getPerson().getUserType().toString()); } } 2009/2/20 Tauren Mills tau...@tauren.com The WIA book and other example apps I've found online often show a User object being stored in the session: class BlogSession extends WebSession { private User user; } But does it make sense to do this if your User object is loaded from a persistence layer (Hibernate) and can contain a large tree of dependent objects? For instance, what if my User object has a hierarchy like this: User Name Password SetBlog Blog SetBlogEntry BlogEntry SetTag SetTag Would this store the entire hierarchy of blogs, tags, blog entries, etc. into the session? I've been experimenting with storing an LDM of the user in the session instead of the User directly: class BlogSession extends WebSession { private DetachableUserModel userModel; } But I'm getting Hibernate LazyInit errors. So it leaves me wondering if LDMs in Session aren't automatically loaded since it isn't a Component. I haven't really dug into what is going on yet. I first wanted to find out what is common practice for a situation like this. Oh, and this isn't my actual User object -- just and example for illustrative purposes. I'm not building a blog, and the properties and sets of objects in my User need to be there. Thanks! Tauren - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Become a Wicket expert, learn from the best: http://wicketinaction.com Apache Wicket 1.3.5 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3. - To unsubscribe, e-mail:
Re: Storing user entity in session?
Ok, thanks for the tip... 2009/2/20 Martijn Dashorst martijn.dasho...@gmail.com move the IModelPerson to your custom request cycle, otherwise you'll run into the issues I've pointed out earlier where on thread detaches while another attaches. Storing entities in your session when your interested in maintaining them with your entitymanager is BAD, even if you put it in a LDM. Martijn On Fri, Feb 20, 2009 at 11:05 AM, nino martinez wael nino.martinez.w...@gmail.com wrote: Hi Tauren I've done something similar.. Have no trouble with.. Disclaimer, below code are really ugly and I need to clean it up... package zeuzgroup.application; import org.apache.wicket.Request; import org.apache.wicket.authentication.AuthenticatedWebSession; import org.apache.wicket.authorization.strategies.role.Roles; import org.apache.wicket.injection.web.InjectorHolder; import org.apache.wicket.spring.injection.annot.SpringBean; import zeuzgroup.application.models.BaseEntityDetachableModel; import zeuzgroup.core.Person; import zeuzgroup.core.provider.IDBDao; import zeuzgroup.core.user.UserType; public class ZeuzSession extends AuthenticatedWebSession { private boolean authorized = false; private BaseEntityDetachableModelPerson personModel; @SpringBean(name = dBDao) protected IDBDao dBDao; protected ZeuzSession(Request request) { super(request); InjectorHolder.getInjector().inject(this); } @Override protected void detach() { super.detach(); if (personModel != null) { personModel.detach(); } } public boolean isAuthorized() { return authorized; } public void setAuthorized(boolean authorized) { this.authorized = authorized; if (authorized) { getPerson().setLoggedIn(true); } // Call below too! signIn(getPerson().getAlias(), getPerson().getPassword()); } public Person getPerson() { if (personModel != null) { Person person = (Person) personModel.getObject(); if (person == null) { person = new Person(); person.setUserType(UserType.Guest); } return person; } else { Person person = new Person(); person.setUserType(UserType.Guest); return person; } } public BaseEntityDetachableModelPerson getPersonModel() { return personModel; } public void setPerson(Person person) { if (personModel != null) { personModel.setBaseEntityDetachableModel(person); } else { personModel = new BaseEntityDetachableModelPerson(person); } } public void onBeforeDestroy() { getPerson().setLoggedIn(false); } @Override public boolean authenticate(String username, String password) { Person person = new Person(); person.setAlias(username); person.setPassword(password); return dBDao.authorizePerson(person); } @Override public Roles getRoles() { // If the user is signed in, they have these roles // user always are associated with a person return new Roles(getPerson().getUserType().toString()); } } 2009/2/20 Tauren Mills tau...@tauren.com The WIA book and other example apps I've found online often show a User object being stored in the session: class BlogSession extends WebSession { private User user; } But does it make sense to do this if your User object is loaded from a persistence layer (Hibernate) and can contain a large tree of dependent objects? For instance, what if my User object has a hierarchy like this: User Name Password SetBlog Blog SetBlogEntry BlogEntry SetTag SetTag Would this store the entire hierarchy of blogs, tags, blog entries, etc. into the session? I've been experimenting with storing an LDM of the user in the session instead of the User directly: class BlogSession extends WebSession { private DetachableUserModel userModel; } But I'm getting Hibernate LazyInit errors. So it leaves me wondering if LDMs in Session aren't automatically loaded since it isn't a Component. I haven't really dug into what is going on yet. I first wanted to find out what is common practice for a situation like this. Oh, and this isn't my actual User object -- just and example for illustrative purposes. I'm not building a blog, and the properties and sets of objects in my User need to be there. Thanks! Tauren - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Become a
Re: Storing user entity in session?
Hi Martijn, your reply reminds me of a question I always wanted to ask: is it safe to use IModels outside of components with their defined lifecycle and getDefaultModel() method? We'd like to use models everywhere we have to retrieve domain objects, be it configuration or, as in this thread, retrieving session data. And since we don't use transactions directly from the weblayer but call stateless session beans to do the work and keep the tx management in another layer/ container (EJB) and use mostly detached entites, is it safe then to use LDMs directly from the session object? Thanks in advance, Martin 2009/2/20 Martijn Dashorst martijn.dasho...@gmail.com: move the IModelPerson to your custom request cycle, otherwise you'll run into the issues I've pointed out earlier where on thread detaches while another attaches. Storing entities in your session when your interested in maintaining them with your entitymanager is BAD, even if you put it in a LDM. Martijn On Fri, Feb 20, 2009 at 11:05 AM, nino martinez wael nino.martinez.w...@gmail.com wrote: Hi Tauren I've done something similar.. Have no trouble with.. Disclaimer, below code are really ugly and I need to clean it up... package zeuzgroup.application; import org.apache.wicket.Request; import org.apache.wicket.authentication.AuthenticatedWebSession; import org.apache.wicket.authorization.strategies.role.Roles; import org.apache.wicket.injection.web.InjectorHolder; import org.apache.wicket.spring.injection.annot.SpringBean; import zeuzgroup.application.models.BaseEntityDetachableModel; import zeuzgroup.core.Person; import zeuzgroup.core.provider.IDBDao; import zeuzgroup.core.user.UserType; public class ZeuzSession extends AuthenticatedWebSession { private boolean authorized = false; private BaseEntityDetachableModelPerson personModel; @SpringBean(name = dBDao) protected IDBDao dBDao; protected ZeuzSession(Request request) { super(request); InjectorHolder.getInjector().inject(this); } @Override protected void detach() { super.detach(); if (personModel != null) { personModel.detach(); } } public boolean isAuthorized() { return authorized; } public void setAuthorized(boolean authorized) { this.authorized = authorized; if (authorized) { getPerson().setLoggedIn(true); } // Call below too! signIn(getPerson().getAlias(), getPerson().getPassword()); } public Person getPerson() { if (personModel != null) { Person person = (Person) personModel.getObject(); if (person == null) { person = new Person(); person.setUserType(UserType.Guest); } return person; } else { Person person = new Person(); person.setUserType(UserType.Guest); return person; } } public BaseEntityDetachableModelPerson getPersonModel() { return personModel; } public void setPerson(Person person) { if (personModel != null) { personModel.setBaseEntityDetachableModel(person); } else { personModel = new BaseEntityDetachableModelPerson(person); } } public void onBeforeDestroy() { getPerson().setLoggedIn(false); } @Override public boolean authenticate(String username, String password) { Person person = new Person(); person.setAlias(username); person.setPassword(password); return dBDao.authorizePerson(person); } @Override public Roles getRoles() { // If the user is signed in, they have these roles // user always are associated with a person return new Roles(getPerson().getUserType().toString()); } } 2009/2/20 Tauren Mills tau...@tauren.com The WIA book and other example apps I've found online often show a User object being stored in the session: class BlogSession extends WebSession { private User user; } But does it make sense to do this if your User object is loaded from a persistence layer (Hibernate) and can contain a large tree of dependent objects? For instance, what if my User object has a hierarchy like this: User Name Password SetBlog Blog SetBlogEntry BlogEntry SetTag SetTag Would this store the entire hierarchy of blogs, tags, blog entries, etc. into the session? I've been experimenting with storing an LDM of the user in the session instead of the User directly: class BlogSession extends WebSession { private DetachableUserModel userModel; } But I'm getting Hibernate LazyInit errors. So it leaves me wondering if LDMs in Session aren't automatically loaded since it isn't a Component. I haven't really dug into what is going on yet. I first wanted to find out what is common practice for a situation like
Re: Storing user entity in session?
There are several types of safety: - making sure they are detached? - making sure they are only used inside one thread? - ... Detaching outside of the wicket component tree's default model slot is not automatic: you have to do that yourself (override ondetach for example). AFAIK we'll be looking into automatic detachment in 1.5 when an IDetachable is somewhere inside the component tree as a field, and drop the default model slot altogether. Thread safety is another issue where you are responsible yourself: if you pass your imodel to another thread (e.g. to generate a report) then it is better to clone or create a new model instance and pass the copy to the thread. Otherwise you'll run into issues where one thread wants to detach, and another wants to attach. Also, the entity instance can only be attached to one EntityManager. You are responsible for that. Martijn On Fri, Feb 20, 2009 at 12:58 PM, Martin Voigt martin.vo...@artnology.com wrote: Hi Martijn, your reply reminds me of a question I always wanted to ask: is it safe to use IModels outside of components with their defined lifecycle and getDefaultModel() method? We'd like to use models everywhere we have to retrieve domain objects, be it configuration or, as in this thread, retrieving session data. And since we don't use transactions directly from the weblayer but call stateless session beans to do the work and keep the tx management in another layer/ container (EJB) and use mostly detached entites, is it safe then to use LDMs directly from the session object? Thanks in advance, Martin 2009/2/20 Martijn Dashorst martijn.dasho...@gmail.com: move the IModelPerson to your custom request cycle, otherwise you'll run into the issues I've pointed out earlier where on thread detaches while another attaches. Storing entities in your session when your interested in maintaining them with your entitymanager is BAD, even if you put it in a LDM. Martijn On Fri, Feb 20, 2009 at 11:05 AM, nino martinez wael nino.martinez.w...@gmail.com wrote: Hi Tauren I've done something similar.. Have no trouble with.. Disclaimer, below code are really ugly and I need to clean it up... package zeuzgroup.application; import org.apache.wicket.Request; import org.apache.wicket.authentication.AuthenticatedWebSession; import org.apache.wicket.authorization.strategies.role.Roles; import org.apache.wicket.injection.web.InjectorHolder; import org.apache.wicket.spring.injection.annot.SpringBean; import zeuzgroup.application.models.BaseEntityDetachableModel; import zeuzgroup.core.Person; import zeuzgroup.core.provider.IDBDao; import zeuzgroup.core.user.UserType; public class ZeuzSession extends AuthenticatedWebSession { private boolean authorized = false; private BaseEntityDetachableModelPerson personModel; @SpringBean(name = dBDao) protected IDBDao dBDao; protected ZeuzSession(Request request) { super(request); InjectorHolder.getInjector().inject(this); } @Override protected void detach() { super.detach(); if (personModel != null) { personModel.detach(); } } public boolean isAuthorized() { return authorized; } public void setAuthorized(boolean authorized) { this.authorized = authorized; if (authorized) { getPerson().setLoggedIn(true); } // Call below too! signIn(getPerson().getAlias(), getPerson().getPassword()); } public Person getPerson() { if (personModel != null) { Person person = (Person) personModel.getObject(); if (person == null) { person = new Person(); person.setUserType(UserType.Guest); } return person; } else { Person person = new Person(); person.setUserType(UserType.Guest); return person; } } public BaseEntityDetachableModelPerson getPersonModel() { return personModel; } public void setPerson(Person person) { if (personModel != null) { personModel.setBaseEntityDetachableModel(person); } else { personModel = new BaseEntityDetachableModelPerson(person); } } public void onBeforeDestroy() { getPerson().setLoggedIn(false); } @Override public boolean authenticate(String username, String password) { Person person = new Person(); person.setAlias(username); person.setPassword(password); return dBDao.authorizePerson(person); } @Override public Roles getRoles() { // If the user is signed in, they have these roles // user always are associated with a person return new Roles(getPerson().getUserType().toString()); } } 2009/2/20 Tauren Mills tau...@tauren.com The WIA book and other example apps I've found online often show a User object
Re: Storing user entity in session?
Nino and Martijn, Thanks for the help. Last night I was looking through the elephas code and found a solution that I think will work for me. It doesn't store an LDM in the session, but stores an identifier and a *transient* instance of User. This seems like an effective solution to me. I tried it out and haven't had problems yet. Here's the elephas session so you can see for yourself: http://code.google.com/p/elephas/source/browse/trunk/src/main/java/org/elephas/webapp/application/ElephasSession.java?r=87 Then on my page, I just do something like this: setDefaultModel(new DetachableUserModel(getSession().getUser(),userDao)); Please let me know your thoughts on this. Thanks, Tauren On Fri, Feb 20, 2009 at 2:05 AM, nino martinez wael nino.martinez.w...@gmail.com wrote: Hi Tauren I've done something similar.. Have no trouble with.. Disclaimer, below code are really ugly and I need to clean it up... - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Storing user entity in session?
Access to session is not thread safe: resources, and request setup/teardown will give you headaches (ever tried to attach one entity instance to two hibernate sessions?). We store the ID of the entity in the session, and load it in the requestcycle (and get the instance from there). Martijn On Fri, Feb 20, 2009 at 3:20 AM, Tauren Mills tau...@tauren.com wrote: The WIA book and other example apps I've found online often show a User object being stored in the session: class BlogSession extends WebSession { private User user; } But does it make sense to do this if your User object is loaded from a persistence layer (Hibernate) and can contain a large tree of dependent objects? For instance, what if my User object has a hierarchy like this: User Name Password SetBlog Blog SetBlogEntry BlogEntry SetTag SetTag Would this store the entire hierarchy of blogs, tags, blog entries, etc. into the session? I've been experimenting with storing an LDM of the user in the session instead of the User directly: class BlogSession extends WebSession { private DetachableUserModel userModel; } But I'm getting Hibernate LazyInit errors. So it leaves me wondering if LDMs in Session aren't automatically loaded since it isn't a Component. I haven't really dug into what is going on yet. I first wanted to find out what is common practice for a situation like this. Oh, and this isn't my actual User object -- just and example for illustrative purposes. I'm not building a blog, and the properties and sets of objects in my User need to be there. Thanks! Tauren - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Become a Wicket expert, learn from the best: http://wicketinaction.com Apache Wicket 1.3.5 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Storing user entity in session?
Martin, Thanks for the response! I was actually just modifying my implementation to store just the ID in the session and was trying to figure out where the best place to load it would be. I was trying to load it in a page constructor, but was finding that doesn't always work. So I'll explore using the requestcycle for this, as you suggest. Any hints or examples you could share? Thanks, Tauren On Thu, Feb 19, 2009 at 11:03 PM, Martijn Dashorst martijn.dasho...@gmail.com wrote: Access to session is not thread safe: resources, and request setup/teardown will give you headaches (ever tried to attach one entity instance to two hibernate sessions?). We store the ID of the entity in the session, and load it in the requestcycle (and get the instance from there). Martijn On Fri, Feb 20, 2009 at 3:20 AM, Tauren Mills tau...@tauren.com wrote: The WIA book and other example apps I've found online often show a User object being stored in the session: class BlogSession extends WebSession { private User user; } But does it make sense to do this if your User object is loaded from a persistence layer (Hibernate) and can contain a large tree of dependent objects? For instance, what if my User object has a hierarchy like this: User Name Password SetBlog Blog SetBlogEntry BlogEntry SetTag SetTag Would this store the entire hierarchy of blogs, tags, blog entries, etc. into the session? I've been experimenting with storing an LDM of the user in the session instead of the User directly: class BlogSession extends WebSession { private DetachableUserModel userModel; } But I'm getting Hibernate LazyInit errors. So it leaves me wondering if LDMs in Session aren't automatically loaded since it isn't a Component. I haven't really dug into what is going on yet. I first wanted to find out what is common practice for a situation like this. Oh, and this isn't my actual User object -- just and example for illustrative purposes. I'm not building a blog, and the properties and sets of objects in my User need to be there. Thanks! Tauren - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Become a Wicket expert, learn from the best: http://wicketinaction.com Apache Wicket 1.3.5 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org