I think this is becoming an off topic for this list, so this will be my last post.
Anyway, I'm still not convinced that invalidating the session in the action class would yield any more positive results than doing it in the JSP page. Nobody gave any examples, counter-examples or use cases that shows it is more convenient to do it in the action. >From a maintainability point of view, I think the only constraint that should be attained is that the session invalidation code being in one place ONLY. If you find 2 or more files that invalidate a session, then I think you found a code smell. The question of WHERE to find the invalidation code, is answered with a simple search on your file system looking for files than contains the "invalidate" string. Then you find it. It takes no more than 5 minutes to do that. >From a usability point of view, most use cases I know of (if not all), the session is invalidated when a user decides to leave the app (ie the logout process). Now, to my experience it is common to show a final page with some user data in it (thanking them to use the app and wishing return soon). This user specific data is commonly in session, so invalidating the session in the action make it an unnatural place to do it (as explained in my previous posts.) >From a simplicity point of view, the different methods enumerated in this thread are no more simpler than the <% session.invalidate(); %> scriptlet. Regards, Gabriel 2007/9/12, Alvaro Sanchez-Mariscal <[EMAIL PROTECTED]>: > There is one extra reason in favour of doing in the action: it's > really simple. Sure. > > You can implement ServletRequestAware, an call > request.getSession().invalidate(); > > Alvaro. > > On 9/13/07, Chris Pratt <[EMAIL PROTECTED]> wrote: > > On 9/12/07, Gabriel Belingueres <[EMAIL PROTECTED]> wrote: > > > I agree too that (generally speaking) we must introduce the least > > > possible quantity of scripting into JSP pages as we can, so we honor > > > the MVC architecture, however, in this particular case (invalidating > > > the session), I don't understand why would be better to do it in the > > > action class rather than in the JSP page for non-small apps. > > > > In my view, it's a maintainability issue. If you keep all of your > > code in the .java files, except for one or two lines that are in > > scriplets, it becomes a nightmare for anyone else to maintain the > > code. They would never think to look in the .jsp files for Java code, > > because that's not where the logic lives and it slows down the whole > > process of maintaining the site, or bringing people up to speed to > > maintain the site, so you can go off and do the fun things. > > > > On a related note, I think SessionAware should be updated to return a > > SessionMap (which is a subclass of Map, so shouldn't require any > > recoding of existing apps) so that type-casting isn't required to > > invalidate the session. > > (*Chris*) > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > -- > Alvaro Sanchez-Mariscal Arnaiz > Java EE Architect & Instructor > [EMAIL PROTECTED] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
