On Apr 3, 2011, at 7:42 PM, VP wrote: > > Clearly, session is a critical piece of data and it ought to be > synchronized carefully. But I think the current policy of locking > session can be improved.
It can, but we need to be clear on what the use cases are. A locked session will block other requests on the same session, but those are going to be (I think) mainly Ajax requests. Is it to much to ask that Ajax services do the right thing with session.forget? It's possible that we could benefit by taking a shared lock by default, and upgrading to an exclusive lock only for modifications. But I'd like to understand the use cases first.
