Hello, I think web developers should be given an advice at http://cayenne.apache.org/doc/web-applications.html that if using Cayenne Servlet Filter the web application can be brought to a halt if a malicious user sends lots of cookie-less requests (every request bounds data context to a new session). We were testing our app with JMeter and found out we can not afford to use filter approach.
It would be of most value if some debates from the mailing list about how to use DataContext based on different web application needs would be at the http://cayenne.apache.org/doc/obtaining-datacontext.html. What I have in mind is a tiny cookbook, just two or three recipes, on why it is good to gave one data context shared for all users, some data context created for each request, some saved in the session, when not to put dc in the session etc. Should I open an issue in the JIRA? Cheers, Borut
