Re: updateLastLogin()

Rafal Krzewski Tue, 21 Nov 2000 10:53:05 -0800
Will Stranathan wrote:
 
> I actually tried to make my way through the sources, and I think I
> just found that DBUser doesn't override updateLastLogin() from
> BaseUser.  It should be getting set in the hastable, but I didn't get
> an opportunity to see if the peer was ever writing the value back
> out.

It's supposed to be writing these values out on session timeout.

Notice that TurbineUser.valueUnbound calls UserManager.save(this)
which should save all user information back into the database.

This means that if you kill your application  (I mean tomcat 
shutdown, because sessions survive context reloads) before
a session times out (30 minutes by default) you won't see
the updated values in the DB. Set session timeout period
to 1 minute in application deployment descriptor (web.xml file)
and check.

Actually we have a problem here - if an administrator modifies
user data in the DB while an user is logged in, the changes
made will be lost, because they will be overwirtten with the
data contained in the permData hashtable.

I think that the correct approach would be:

Update LAST_LOGIN on succesful login
Update ACCESS_COUNTER on session timeout

when some user information is changed (be it administrator's action
or user's preferences change) write out the data explicitly.

It would be *a bit* better then, but the possiblility of overwriting
the data with old values still exists.

To avoid that, we would have to keep a central repository of User
object instances in memory, so that all threads (requests) use 
the very same data. 
Then getUser/releaseUser methods would be neccessary to support
reference counting to write out data when no more requests 
are using a particular User object.

I need to think about it more...

Rafal

--
Rafal Krzewski
Senior Internet Developer
mailto:[EMAIL PROTECTED]
+48 22 8534830 http://e-point.pl


------------------------------------------------------------
To subscribe:        [EMAIL PROTECTED]
To unsubscribe:      [EMAIL PROTECTED]
Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
Problems?:           [EMAIL PROTECTED]
Re: updateLastLogin()

Reply via email to
