you'll either be using cookies, which species sessionid + instance
id, or you'll be using URL encodingand your direct action URL will
have both the instance ID as well as ?wosid=xxx in the URL (http://yoursite/cgi-bin/WebObjects/YourApp.woa/instanceid/daname?wosid=xxx
) ... should work fine
ms
Does this also work with several machines running instances? I can
imagine it works fine on one server, but as far as I know there is
not some shared context over servers, or is there?
instance number is encoded in the URL or in a cookie ... in a
standard setup with one apache in front, you will be routed to the
correct server based on your instance number*, which will then have
the corresponding session id. every time someone clicks a link in
your stateful app, they are getting routed to the same server -- wo
would just explode in a ball of flames if this didn't function
properly.
ms
* and if you have a load balancer in front, it obviously needs to
understand sticky sessions, but again, nothing would work right in
your app if this wasn't already happening
This IS a consideration of a vulnerability if you LOSE that instance
inbetween these operations -- Patrick's suggestion of storing as much
as possible in the db would cover you for that.
ms
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (Webobjects-dev@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com
This email sent to arch...@mail-archive.com
