You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by robinwilson2 <rw...@gmail.com> on 2010/01/11 21:16:29 UTC
I'd like to have a page with no session for unauthenticated users,
and with a session when the user is authenticated
We are running a high-volume environment on a 4 server tomcat cluster. Every
so often (about 1 time per month) during peak load times, our Tomcats will
start to thrash on garbage collection. We've traced the problem down to the
sessions being created are taking up all the heap space - even though the
vast majority of sessions are unnecessary because the user is completely
unauthenticated at the time the session is created.
We have a 6GB heap space on each server - but the authenticated users take
up less then 1/10th of this space, the rest is going to unauthenticated
users.
We have tuned our session durations down for unauthenticated users to 1
seconds, but we can still encounter loads that generate sessions for
unauthenticated users so fast that we run out of heap. (Not because we
generate sessions faster than they are being expired - but because Tomcat's
expiration code is very slow, so "old" (past expiration time) sessions
linger for more than an hour during peak load.
To us, the ideal solution would be to not create sessions if the user is
unauthenticated. We're using Tapestry 5.1.05, and we can't figure out how to
make a page that does not create a session in Tapestry. Can someone point us
in the direction of the documentation on this (if there is any)?
--
View this message in context: http://old.nabble.com/I%27d-like-to-have-a-page-with-no-session-for-unauthenticated-users%2C-and-with-a-session-when-the-user-is-authenticated-tp27116942p27116942.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: I'd like to have a page with no session for unauthenticated
users, and with a session when the user is authenticated
Posted by Josh Canfield <jo...@thedailytube.com>.
> Shoudn't the ValidationTracker use the flash strategy instead of session? It
> uses the session, but it's for a short time.
Just to be clear, the OPs problem is that a session is created, using
Flash won't help their memory performance...
I posted a fix for this way back, it's been in production for a couple
years in 5.0.18, haven't upgraded that site yet...
http://markmail.org/message/jfmxfsjgiy3msnhf
Until the core is fixed you could try this method...
Josh
On Mon, Jan 11, 2010 at 3:58 PM, Thiago H. de Paula Figueiredo
<th...@gmail.com> wrote:
> Em Mon, 11 Jan 2010 19:56:05 -0200, Howard Lewis Ship <hl...@gmail.com>
> escreveu:
>
>> The mostly likely culprit is the use of a Form component, which stores
>> its ValidationTracker object (by default) in session, creating a
>> session as needed.
>
> Shoudn't the ValidationTracker use the flash strategy instead of session? It
> uses the session, but it's for a short time.
>
> --
> Thiago H. de Paula Figueiredo
> Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, and
> instructor
> Owner, software architect and developer, Ars Machina Tecnologia da
> Informação Ltda.
> http://www.arsmachina.com.br
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
--
--
TheDailyTube.com. Sign up and get the best new videos on the internet
delivered fresh to your inbox.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: I'd like to have a page with no session for unauthenticated
users, and with a session when the user is authenticated
Posted by Howard Lewis Ship <hl...@gmail.com>.
The default is the flash strategy, but that still creates and uses the session.
On Mon, Jan 11, 2010 at 3:58 PM, Thiago H. de Paula Figueiredo
<th...@gmail.com> wrote:
> Em Mon, 11 Jan 2010 19:56:05 -0200, Howard Lewis Ship <hl...@gmail.com>
> escreveu:
>
>> The mostly likely culprit is the use of a Form component, which stores
>> its ValidationTracker object (by default) in session, creating a
>> session as needed.
>
> Shoudn't the ValidationTracker use the flash strategy instead of session? It
> uses the session, but it's for a short time.
>
> --
> Thiago H. de Paula Figueiredo
> Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, and
> instructor
> Owner, software architect and developer, Ars Machina Tecnologia da
> Informação Ltda.
> http://www.arsmachina.com.br
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
--
Howard M. Lewis Ship
Creator of Apache Tapestry
The source for Tapestry training, mentoring and support. Contact me to
learn how I can get you up and productive in Tapestry fast!
(971) 678-5210
http://howardlewisship.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: I'd like to have a page with no session for unauthenticated
users, and with a session when the user is authenticated
Posted by "Thiago H. de Paula Figueiredo" <th...@gmail.com>.
Em Mon, 11 Jan 2010 19:56:05 -0200, Howard Lewis Ship <hl...@gmail.com>
escreveu:
> The mostly likely culprit is the use of a Form component, which stores
> its ValidationTracker object (by default) in session, creating a
> session as needed.
Shoudn't the ValidationTracker use the flash strategy instead of session?
It uses the session, but it's for a short time.
--
Thiago H. de Paula Figueiredo
Independent Java, Apache Tapestry 5 and Hibernate consultant, developer,
and instructor
Owner, software architect and developer, Ars Machina Tecnologia da
Informação Ltda.
http://www.arsmachina.com.br
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: I'd like to have a page with no session for unauthenticated
users, and with a session when the user is authenticated
Posted by Kalle Korhonen <ka...@gmail.com>.
Yes, that was my understanding. But nevertheless, if you run into this
issue, it's not that huge of an expense to make a minor modification
compared to researching possible solutions on your own or having to
wait for a new version of Tapestry. Fortunately, I'm still ok, memory
is cheap :)
Kalle
On Wed, Jan 13, 2010 at 2:19 PM, Robin D. Wilson <rw...@gmail.com> wrote:
> FYI, that 'configuration switch' isn't available on the DeltaManager that comes with Tomcat... We had to modify the DeltaManager and
> created this setting for our own use. If there is a significant enough demand, I would be willing to post our changes - so that
> others can benefit from them, but you'll need to wait until we finish testing and iron out any bugs we find.
>
> --
> Robin D. Wilson
> Director of Web Development
> KingsIsle Entertainment, Inc.
> CELL: 512-426-3929
> DESK: 512-623-5913
> www.KingsIsle.com
>
>
> -----Original Message-----
> From: Kalle Korhonen [mailto:kalle.o.korhonen@gmail.com]
> Sent: Wednesday, January 13, 2010 2:48 PM
> To: Tapestry users
> Subject: Re: I'd like to have a page with no session for unauthenticated users, and with a session when the user is authenticated
>
> On Wed, Jan 13, 2010 at 12:38 PM, Robin D. Wilson <rw...@gmail.com> wrote:
>> In the interim, we've opted for a different solution. We've modified the DeltaManager for Tomcat (clustering manager) to not
> create
>> sessions that are of short durations (we created a configuration switch for "sessionReplicationDurationThreshold"). If the session
>> TTL is shorter than the threshold, it won't be replicated to the other members of the cluster. Moreover, DeltaManager kills it off
>> for us if it's already expired. So that essentially solved the problem for us.
>
> This is very handy tip, thanks Robin.
>
> Kalle
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
RE: I'd like to have a page with no session for unauthenticated users, and with a session when the user is authenticated
Posted by "Robin D. Wilson" <rw...@gmail.com>.
FYI, that 'configuration switch' isn't available on the DeltaManager that comes with Tomcat... We had to modify the DeltaManager and
created this setting for our own use. If there is a significant enough demand, I would be willing to post our changes - so that
others can benefit from them, but you'll need to wait until we finish testing and iron out any bugs we find.
--
Robin D. Wilson
Director of Web Development
KingsIsle Entertainment, Inc.
CELL: 512-426-3929
DESK: 512-623-5913
www.KingsIsle.com
-----Original Message-----
From: Kalle Korhonen [mailto:kalle.o.korhonen@gmail.com]
Sent: Wednesday, January 13, 2010 2:48 PM
To: Tapestry users
Subject: Re: I'd like to have a page with no session for unauthenticated users, and with a session when the user is authenticated
On Wed, Jan 13, 2010 at 12:38 PM, Robin D. Wilson <rw...@gmail.com> wrote:
> In the interim, we've opted for a different solution. We've modified the DeltaManager for Tomcat (clustering manager) to not
create
> sessions that are of short durations (we created a configuration switch for "sessionReplicationDurationThreshold"). If the session
> TTL is shorter than the threshold, it won't be replicated to the other members of the cluster. Moreover, DeltaManager kills it off
> for us if it's already expired. So that essentially solved the problem for us.
This is very handy tip, thanks Robin.
Kalle
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: I'd like to have a page with no session for unauthenticated
users, and with a session when the user is authenticated
Posted by Kalle Korhonen <ka...@gmail.com>.
On Wed, Jan 13, 2010 at 12:38 PM, Robin D. Wilson <rw...@gmail.com> wrote:
> In the interim, we've opted for a different solution. We've modified the DeltaManager for Tomcat (clustering manager) to not create
> sessions that are of short durations (we created a configuration switch for "sessionReplicationDurationThreshold"). If the session
> TTL is shorter than the threshold, it won't be replicated to the other members of the cluster. Moreover, DeltaManager kills it off
> for us if it's already expired. So that essentially solved the problem for us.
This is very handy tip, thanks Robin.
Kalle
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
RE: I'd like to have a page with no session for unauthenticated users, and with a session when the user is authenticated
Posted by "Robin D. Wilson" <rw...@gmail.com>.
Thanks. I've been swamped trying to work on our next release.
In the interim, we've opted for a different solution. We've modified the DeltaManager for Tomcat (clustering manager) to not create
sessions that are of short durations (we created a configuration switch for "sessionReplicationDurationThreshold"). If the session
TTL is shorter than the threshold, it won't be replicated to the other members of the cluster. Moreover, DeltaManager kills it off
for us if it's already expired. So that essentially solved the problem for us.
I agree however, that the ideal solution would be to have Tapestry be a little more aware of the cost of creating sessions for every
page request, even when we don't really need them for the end-user's session.
On our side, we've implemented some of our code to use 'thread local' caches that are available as a sort of global space while a
request is being processed, but go away after the page is delivered.
--
Robin D. Wilson
Director of Web Development
KingsIsle Entertainment, Inc.
CELL: 512-426-3929
DESK: 512-623-5913
www.KingsIsle.com
-----Original Message-----
From: Kalle Korhonen [mailto:kalle.o.korhonen@gmail.com]
Sent: Wednesday, January 13, 2010 2:20 PM
To: Tapestry users
Subject: Re: I'd like to have a page with no session for unauthenticated users, and with a session when the user is authenticated
I'm also quite keen on having a better solution for this - it didn't
seem Robin had created an issue for this, so I did:
https://issues.apache.org/jira/browse/TAP5-985. Please vote if the
issue is important to you.
Kalle
On Mon, Jan 11, 2010 at 2:28 PM, Howard Lewis Ship <hl...@gmail.com> wrote:
> True; perhaps the logic could be changed such that the VT is not
> stored in the session ... oh, I know a good way to do that, actually
> (a proxy to the real validation delegate). Add an issue and we'll see
> if we can get that to work ... it would be a big performance boost for
> a typical form (that submits succesfully).
>
> On Mon, Jan 11, 2010 at 2:20 PM, Josh Canfield <jo...@thedailytube.com> wrote:
>> Is there a reason the form needs to persist data when it hasn't been
>> submitted? perhaps ValidationTracker should be null until it's needed.
>>
>> On Mon, Jan 11, 2010 at 1:56 PM, Howard Lewis Ship <hl...@gmail.com> wrote:
>>> The mostly likely culprit is the use of a Form component, which stores
>>> its ValidationTracker object (by default) in session, creating a
>>> session as needed.
>>>
>>> You can bind the tracker parameter of the Form component to a simple,
>>> non-persistent, property of type ValidationTracker. Your only
>>> problem, then, is dealing with server-side input validation errors ...
>>> the tracker exists to capture user input and validation errors from
>>> the from submit request so that that information can be presented on
>>> the subsequent page render request.
>>>
>>> On Mon, Jan 11, 2010 at 12:16 PM, robinwilson2 <rw...@gmail.com> wrote:
>>>>
>>>> We are running a high-volume environment on a 4 server tomcat cluster. Every
>>>> so often (about 1 time per month) during peak load times, our Tomcats will
>>>> start to thrash on garbage collection. We've traced the problem down to the
>>>> sessions being created are taking up all the heap space - even though the
>>>> vast majority of sessions are unnecessary because the user is completely
>>>> unauthenticated at the time the session is created.
>>>>
>>>> We have a 6GB heap space on each server - but the authenticated users take
>>>> up less then 1/10th of this space, the rest is going to unauthenticated
>>>> users.
>>>>
>>>> We have tuned our session durations down for unauthenticated users to 1
>>>> seconds, but we can still encounter loads that generate sessions for
>>>> unauthenticated users so fast that we run out of heap. (Not because we
>>>> generate sessions faster than they are being expired - but because Tomcat's
>>>> expiration code is very slow, so "old" (past expiration time) sessions
>>>> linger for more than an hour during peak load.
>>>>
>>>> To us, the ideal solution would be to not create sessions if the user is
>>>> unauthenticated. We're using Tapestry 5.1.05, and we can't figure out how to
>>>> make a page that does not create a session in Tapestry. Can someone point us
>>>> in the direction of the documentation on this (if there is any)?
>>>> --
>>>> View this message in context:
http://old.nabble.com/I%27d-like-to-have-a-page-with-no-session-for-unauthenticated-users%2C-and-with-a-session-when-the-user-is-aut
henticated-tp27116942p27116942.html
>>>> Sent from the Tapestry - User mailing list archive at Nabble.com.
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> Howard M. Lewis Ship
>>>
>>> Creator of Apache Tapestry
>>>
>>> The source for Tapestry training, mentoring and support. Contact me to
>>> learn how I can get you up and productive in Tapestry fast!
>>>
>>> (971) 678-5210
>>> http://howardlewisship.com
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>
>>>
>>
>>
>>
>> --
>> --
>> TheDailyTube.com. Sign up and get the best new videos on the internet
>> delivered fresh to your inbox.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
>
>
>
> --
> Howard M. Lewis Ship
>
> Creator of Apache Tapestry
>
> The source for Tapestry training, mentoring and support. Contact me to
> learn how I can get you up and productive in Tapestry fast!
>
> (971) 678-5210
> http://howardlewisship.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: I'd like to have a page with no session for unauthenticated
users, and with a session when the user is authenticated
Posted by Kalle Korhonen <ka...@gmail.com>.
I'm also quite keen on having a better solution for this - it didn't
seem Robin had created an issue for this, so I did:
https://issues.apache.org/jira/browse/TAP5-985. Please vote if the
issue is important to you.
Kalle
On Mon, Jan 11, 2010 at 2:28 PM, Howard Lewis Ship <hl...@gmail.com> wrote:
> True; perhaps the logic could be changed such that the VT is not
> stored in the session ... oh, I know a good way to do that, actually
> (a proxy to the real validation delegate). Add an issue and we'll see
> if we can get that to work ... it would be a big performance boost for
> a typical form (that submits succesfully).
>
> On Mon, Jan 11, 2010 at 2:20 PM, Josh Canfield <jo...@thedailytube.com> wrote:
>> Is there a reason the form needs to persist data when it hasn't been
>> submitted? perhaps ValidationTracker should be null until it's needed.
>>
>> On Mon, Jan 11, 2010 at 1:56 PM, Howard Lewis Ship <hl...@gmail.com> wrote:
>>> The mostly likely culprit is the use of a Form component, which stores
>>> its ValidationTracker object (by default) in session, creating a
>>> session as needed.
>>>
>>> You can bind the tracker parameter of the Form component to a simple,
>>> non-persistent, property of type ValidationTracker. Your only
>>> problem, then, is dealing with server-side input validation errors ...
>>> the tracker exists to capture user input and validation errors from
>>> the from submit request so that that information can be presented on
>>> the subsequent page render request.
>>>
>>> On Mon, Jan 11, 2010 at 12:16 PM, robinwilson2 <rw...@gmail.com> wrote:
>>>>
>>>> We are running a high-volume environment on a 4 server tomcat cluster. Every
>>>> so often (about 1 time per month) during peak load times, our Tomcats will
>>>> start to thrash on garbage collection. We've traced the problem down to the
>>>> sessions being created are taking up all the heap space - even though the
>>>> vast majority of sessions are unnecessary because the user is completely
>>>> unauthenticated at the time the session is created.
>>>>
>>>> We have a 6GB heap space on each server - but the authenticated users take
>>>> up less then 1/10th of this space, the rest is going to unauthenticated
>>>> users.
>>>>
>>>> We have tuned our session durations down for unauthenticated users to 1
>>>> seconds, but we can still encounter loads that generate sessions for
>>>> unauthenticated users so fast that we run out of heap. (Not because we
>>>> generate sessions faster than they are being expired - but because Tomcat's
>>>> expiration code is very slow, so "old" (past expiration time) sessions
>>>> linger for more than an hour during peak load.
>>>>
>>>> To us, the ideal solution would be to not create sessions if the user is
>>>> unauthenticated. We're using Tapestry 5.1.05, and we can't figure out how to
>>>> make a page that does not create a session in Tapestry. Can someone point us
>>>> in the direction of the documentation on this (if there is any)?
>>>> --
>>>> View this message in context: http://old.nabble.com/I%27d-like-to-have-a-page-with-no-session-for-unauthenticated-users%2C-and-with-a-session-when-the-user-is-authenticated-tp27116942p27116942.html
>>>> Sent from the Tapestry - User mailing list archive at Nabble.com.
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> Howard M. Lewis Ship
>>>
>>> Creator of Apache Tapestry
>>>
>>> The source for Tapestry training, mentoring and support. Contact me to
>>> learn how I can get you up and productive in Tapestry fast!
>>>
>>> (971) 678-5210
>>> http://howardlewisship.com
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>
>>>
>>
>>
>>
>> --
>> --
>> TheDailyTube.com. Sign up and get the best new videos on the internet
>> delivered fresh to your inbox.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
>
>
>
> --
> Howard M. Lewis Ship
>
> Creator of Apache Tapestry
>
> The source for Tapestry training, mentoring and support. Contact me to
> learn how I can get you up and productive in Tapestry fast!
>
> (971) 678-5210
> http://howardlewisship.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: I'd like to have a page with no session for unauthenticated
users, and with a session when the user is authenticated
Posted by Howard Lewis Ship <hl...@gmail.com>.
Follow the links from the Tapestry home page to the JIRA Issue manager
at Apache; you'll have to register, then add a new issue to the
TAPESTRY5 project.
On Mon, Jan 11, 2010 at 2:46 PM, Robin D. Wilson <rw...@gmail.com> wrote:
> So how do I add an issue? (I'm new to this group...)
>
> --
> Robin D. Wilson
> Director of Web Development
> KingsIsle Entertainment, Inc.
> CELL: 512-426-3929
> DESK: 512-623-5913
> www.KingsIsle.com
>
>
> -----Original Message-----
> From: Howard Lewis Ship [mailto:hlship@gmail.com]
> Sent: Monday, January 11, 2010 4:29 PM
> To: Tapestry users
> Subject: Re: I'd like to have a page with no session for unauthenticated users, and with a session when the user is authenticated
>
> True; perhaps the logic could be changed such that the VT is not
> stored in the session ... oh, I know a good way to do that, actually
> (a proxy to the real validation delegate). Add an issue and we'll see
> if we can get that to work ... it would be a big performance boost for
> a typical form (that submits succesfully).
>
> On Mon, Jan 11, 2010 at 2:20 PM, Josh Canfield <jo...@thedailytube.com> wrote:
>> Is there a reason the form needs to persist data when it hasn't been
>> submitted? perhaps ValidationTracker should be null until it's needed.
>>
>> On Mon, Jan 11, 2010 at 1:56 PM, Howard Lewis Ship <hl...@gmail.com> wrote:
>>> The mostly likely culprit is the use of a Form component, which stores
>>> its ValidationTracker object (by default) in session, creating a
>>> session as needed.
>>>
>>> You can bind the tracker parameter of the Form component to a simple,
>>> non-persistent, property of type ValidationTracker. Your only
>>> problem, then, is dealing with server-side input validation errors ...
>>> the tracker exists to capture user input and validation errors from
>>> the from submit request so that that information can be presented on
>>> the subsequent page render request.
>>>
>>> On Mon, Jan 11, 2010 at 12:16 PM, robinwilson2 <rw...@gmail.com> wrote:
>>>>
>>>> We are running a high-volume environment on a 4 server tomcat cluster. Every
>>>> so often (about 1 time per month) during peak load times, our Tomcats will
>>>> start to thrash on garbage collection. We've traced the problem down to the
>>>> sessions being created are taking up all the heap space - even though the
>>>> vast majority of sessions are unnecessary because the user is completely
>>>> unauthenticated at the time the session is created.
>>>>
>>>> We have a 6GB heap space on each server - but the authenticated users take
>>>> up less then 1/10th of this space, the rest is going to unauthenticated
>>>> users.
>>>>
>>>> We have tuned our session durations down for unauthenticated users to 1
>>>> seconds, but we can still encounter loads that generate sessions for
>>>> unauthenticated users so fast that we run out of heap. (Not because we
>>>> generate sessions faster than they are being expired - but because Tomcat's
>>>> expiration code is very slow, so "old" (past expiration time) sessions
>>>> linger for more than an hour during peak load.
>>>>
>>>> To us, the ideal solution would be to not create sessions if the user is
>>>> unauthenticated. We're using Tapestry 5.1.05, and we can't figure out how to
>>>> make a page that does not create a session in Tapestry. Can someone point us
>>>> in the direction of the documentation on this (if there is any)?
>>>> --
>>>> View this message in context:
> http://old.nabble.com/I%27d-like-to-have-a-page-with-no-session-for-unauthenticated-users%2C-and-with-a-session-when-the-user-is-aut
> henticated-tp27116942p27116942.html
>>>> Sent from the Tapestry - User mailing list archive at Nabble.com.
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> Howard M. Lewis Ship
>>>
>>> Creator of Apache Tapestry
>>>
>>> The source for Tapestry training, mentoring and support. Contact me to
>>> learn how I can get you up and productive in Tapestry fast!
>>>
>>> (971) 678-5210
>>> http://howardlewisship.com
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>
>>>
>>
>>
>>
>> --
>> --
>> TheDailyTube.com. Sign up and get the best new videos on the internet
>> delivered fresh to your inbox.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
>
>
>
> --
> Howard M. Lewis Ship
>
> Creator of Apache Tapestry
>
> The source for Tapestry training, mentoring and support. Contact me to
> learn how I can get you up and productive in Tapestry fast!
>
> (971) 678-5210
> http://howardlewisship.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
--
Howard M. Lewis Ship
Creator of Apache Tapestry
The source for Tapestry training, mentoring and support. Contact me to
learn how I can get you up and productive in Tapestry fast!
(971) 678-5210
http://howardlewisship.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
RE: I'd like to have a page with no session for unauthenticated users, and with a session when the user is authenticated
Posted by "Robin D. Wilson" <rw...@gmail.com>.
So how do I add an issue? (I'm new to this group...)
--
Robin D. Wilson
Director of Web Development
KingsIsle Entertainment, Inc.
CELL: 512-426-3929
DESK: 512-623-5913
www.KingsIsle.com
-----Original Message-----
From: Howard Lewis Ship [mailto:hlship@gmail.com]
Sent: Monday, January 11, 2010 4:29 PM
To: Tapestry users
Subject: Re: I'd like to have a page with no session for unauthenticated users, and with a session when the user is authenticated
True; perhaps the logic could be changed such that the VT is not
stored in the session ... oh, I know a good way to do that, actually
(a proxy to the real validation delegate). Add an issue and we'll see
if we can get that to work ... it would be a big performance boost for
a typical form (that submits succesfully).
On Mon, Jan 11, 2010 at 2:20 PM, Josh Canfield <jo...@thedailytube.com> wrote:
> Is there a reason the form needs to persist data when it hasn't been
> submitted? perhaps ValidationTracker should be null until it's needed.
>
> On Mon, Jan 11, 2010 at 1:56 PM, Howard Lewis Ship <hl...@gmail.com> wrote:
>> The mostly likely culprit is the use of a Form component, which stores
>> its ValidationTracker object (by default) in session, creating a
>> session as needed.
>>
>> You can bind the tracker parameter of the Form component to a simple,
>> non-persistent, property of type ValidationTracker. Your only
>> problem, then, is dealing with server-side input validation errors ...
>> the tracker exists to capture user input and validation errors from
>> the from submit request so that that information can be presented on
>> the subsequent page render request.
>>
>> On Mon, Jan 11, 2010 at 12:16 PM, robinwilson2 <rw...@gmail.com> wrote:
>>>
>>> We are running a high-volume environment on a 4 server tomcat cluster. Every
>>> so often (about 1 time per month) during peak load times, our Tomcats will
>>> start to thrash on garbage collection. We've traced the problem down to the
>>> sessions being created are taking up all the heap space - even though the
>>> vast majority of sessions are unnecessary because the user is completely
>>> unauthenticated at the time the session is created.
>>>
>>> We have a 6GB heap space on each server - but the authenticated users take
>>> up less then 1/10th of this space, the rest is going to unauthenticated
>>> users.
>>>
>>> We have tuned our session durations down for unauthenticated users to 1
>>> seconds, but we can still encounter loads that generate sessions for
>>> unauthenticated users so fast that we run out of heap. (Not because we
>>> generate sessions faster than they are being expired - but because Tomcat's
>>> expiration code is very slow, so "old" (past expiration time) sessions
>>> linger for more than an hour during peak load.
>>>
>>> To us, the ideal solution would be to not create sessions if the user is
>>> unauthenticated. We're using Tapestry 5.1.05, and we can't figure out how to
>>> make a page that does not create a session in Tapestry. Can someone point us
>>> in the direction of the documentation on this (if there is any)?
>>> --
>>> View this message in context:
http://old.nabble.com/I%27d-like-to-have-a-page-with-no-session-for-unauthenticated-users%2C-and-with-a-session-when-the-user-is-aut
henticated-tp27116942p27116942.html
>>> Sent from the Tapestry - User mailing list archive at Nabble.com.
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>
>>>
>>
>>
>>
>> --
>> Howard M. Lewis Ship
>>
>> Creator of Apache Tapestry
>>
>> The source for Tapestry training, mentoring and support. Contact me to
>> learn how I can get you up and productive in Tapestry fast!
>>
>> (971) 678-5210
>> http://howardlewisship.com
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
>
>
>
> --
> --
> TheDailyTube.com. Sign up and get the best new videos on the internet
> delivered fresh to your inbox.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
--
Howard M. Lewis Ship
Creator of Apache Tapestry
The source for Tapestry training, mentoring and support. Contact me to
learn how I can get you up and productive in Tapestry fast!
(971) 678-5210
http://howardlewisship.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: I'd like to have a page with no session for unauthenticated
users, and with a session when the user is authenticated
Posted by Howard Lewis Ship <hl...@gmail.com>.
True; perhaps the logic could be changed such that the VT is not
stored in the session ... oh, I know a good way to do that, actually
(a proxy to the real validation delegate). Add an issue and we'll see
if we can get that to work ... it would be a big performance boost for
a typical form (that submits succesfully).
On Mon, Jan 11, 2010 at 2:20 PM, Josh Canfield <jo...@thedailytube.com> wrote:
> Is there a reason the form needs to persist data when it hasn't been
> submitted? perhaps ValidationTracker should be null until it's needed.
>
> On Mon, Jan 11, 2010 at 1:56 PM, Howard Lewis Ship <hl...@gmail.com> wrote:
>> The mostly likely culprit is the use of a Form component, which stores
>> its ValidationTracker object (by default) in session, creating a
>> session as needed.
>>
>> You can bind the tracker parameter of the Form component to a simple,
>> non-persistent, property of type ValidationTracker. Your only
>> problem, then, is dealing with server-side input validation errors ...
>> the tracker exists to capture user input and validation errors from
>> the from submit request so that that information can be presented on
>> the subsequent page render request.
>>
>> On Mon, Jan 11, 2010 at 12:16 PM, robinwilson2 <rw...@gmail.com> wrote:
>>>
>>> We are running a high-volume environment on a 4 server tomcat cluster. Every
>>> so often (about 1 time per month) during peak load times, our Tomcats will
>>> start to thrash on garbage collection. We've traced the problem down to the
>>> sessions being created are taking up all the heap space - even though the
>>> vast majority of sessions are unnecessary because the user is completely
>>> unauthenticated at the time the session is created.
>>>
>>> We have a 6GB heap space on each server - but the authenticated users take
>>> up less then 1/10th of this space, the rest is going to unauthenticated
>>> users.
>>>
>>> We have tuned our session durations down for unauthenticated users to 1
>>> seconds, but we can still encounter loads that generate sessions for
>>> unauthenticated users so fast that we run out of heap. (Not because we
>>> generate sessions faster than they are being expired - but because Tomcat's
>>> expiration code is very slow, so "old" (past expiration time) sessions
>>> linger for more than an hour during peak load.
>>>
>>> To us, the ideal solution would be to not create sessions if the user is
>>> unauthenticated. We're using Tapestry 5.1.05, and we can't figure out how to
>>> make a page that does not create a session in Tapestry. Can someone point us
>>> in the direction of the documentation on this (if there is any)?
>>> --
>>> View this message in context: http://old.nabble.com/I%27d-like-to-have-a-page-with-no-session-for-unauthenticated-users%2C-and-with-a-session-when-the-user-is-authenticated-tp27116942p27116942.html
>>> Sent from the Tapestry - User mailing list archive at Nabble.com.
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>
>>>
>>
>>
>>
>> --
>> Howard M. Lewis Ship
>>
>> Creator of Apache Tapestry
>>
>> The source for Tapestry training, mentoring and support. Contact me to
>> learn how I can get you up and productive in Tapestry fast!
>>
>> (971) 678-5210
>> http://howardlewisship.com
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
>
>
>
> --
> --
> TheDailyTube.com. Sign up and get the best new videos on the internet
> delivered fresh to your inbox.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
--
Howard M. Lewis Ship
Creator of Apache Tapestry
The source for Tapestry training, mentoring and support. Contact me to
learn how I can get you up and productive in Tapestry fast!
(971) 678-5210
http://howardlewisship.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: I'd like to have a page with no session for unauthenticated
users, and with a session when the user is authenticated
Posted by Josh Canfield <jo...@thedailytube.com>.
Is there a reason the form needs to persist data when it hasn't been
submitted? perhaps ValidationTracker should be null until it's needed.
On Mon, Jan 11, 2010 at 1:56 PM, Howard Lewis Ship <hl...@gmail.com> wrote:
> The mostly likely culprit is the use of a Form component, which stores
> its ValidationTracker object (by default) in session, creating a
> session as needed.
>
> You can bind the tracker parameter of the Form component to a simple,
> non-persistent, property of type ValidationTracker. Your only
> problem, then, is dealing with server-side input validation errors ...
> the tracker exists to capture user input and validation errors from
> the from submit request so that that information can be presented on
> the subsequent page render request.
>
> On Mon, Jan 11, 2010 at 12:16 PM, robinwilson2 <rw...@gmail.com> wrote:
>>
>> We are running a high-volume environment on a 4 server tomcat cluster. Every
>> so often (about 1 time per month) during peak load times, our Tomcats will
>> start to thrash on garbage collection. We've traced the problem down to the
>> sessions being created are taking up all the heap space - even though the
>> vast majority of sessions are unnecessary because the user is completely
>> unauthenticated at the time the session is created.
>>
>> We have a 6GB heap space on each server - but the authenticated users take
>> up less then 1/10th of this space, the rest is going to unauthenticated
>> users.
>>
>> We have tuned our session durations down for unauthenticated users to 1
>> seconds, but we can still encounter loads that generate sessions for
>> unauthenticated users so fast that we run out of heap. (Not because we
>> generate sessions faster than they are being expired - but because Tomcat's
>> expiration code is very slow, so "old" (past expiration time) sessions
>> linger for more than an hour during peak load.
>>
>> To us, the ideal solution would be to not create sessions if the user is
>> unauthenticated. We're using Tapestry 5.1.05, and we can't figure out how to
>> make a page that does not create a session in Tapestry. Can someone point us
>> in the direction of the documentation on this (if there is any)?
>> --
>> View this message in context: http://old.nabble.com/I%27d-like-to-have-a-page-with-no-session-for-unauthenticated-users%2C-and-with-a-session-when-the-user-is-authenticated-tp27116942p27116942.html
>> Sent from the Tapestry - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
>
>
>
> --
> Howard M. Lewis Ship
>
> Creator of Apache Tapestry
>
> The source for Tapestry training, mentoring and support. Contact me to
> learn how I can get you up and productive in Tapestry fast!
>
> (971) 678-5210
> http://howardlewisship.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
--
--
TheDailyTube.com. Sign up and get the best new videos on the internet
delivered fresh to your inbox.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: I'd like to have a page with no session for unauthenticated
users, and with a session when the user is authenticated
Posted by Howard Lewis Ship <hl...@gmail.com>.
The mostly likely culprit is the use of a Form component, which stores
its ValidationTracker object (by default) in session, creating a
session as needed.
You can bind the tracker parameter of the Form component to a simple,
non-persistent, property of type ValidationTracker. Your only
problem, then, is dealing with server-side input validation errors ...
the tracker exists to capture user input and validation errors from
the from submit request so that that information can be presented on
the subsequent page render request.
On Mon, Jan 11, 2010 at 12:16 PM, robinwilson2 <rw...@gmail.com> wrote:
>
> We are running a high-volume environment on a 4 server tomcat cluster. Every
> so often (about 1 time per month) during peak load times, our Tomcats will
> start to thrash on garbage collection. We've traced the problem down to the
> sessions being created are taking up all the heap space - even though the
> vast majority of sessions are unnecessary because the user is completely
> unauthenticated at the time the session is created.
>
> We have a 6GB heap space on each server - but the authenticated users take
> up less then 1/10th of this space, the rest is going to unauthenticated
> users.
>
> We have tuned our session durations down for unauthenticated users to 1
> seconds, but we can still encounter loads that generate sessions for
> unauthenticated users so fast that we run out of heap. (Not because we
> generate sessions faster than they are being expired - but because Tomcat's
> expiration code is very slow, so "old" (past expiration time) sessions
> linger for more than an hour during peak load.
>
> To us, the ideal solution would be to not create sessions if the user is
> unauthenticated. We're using Tapestry 5.1.05, and we can't figure out how to
> make a page that does not create a session in Tapestry. Can someone point us
> in the direction of the documentation on this (if there is any)?
> --
> View this message in context: http://old.nabble.com/I%27d-like-to-have-a-page-with-no-session-for-unauthenticated-users%2C-and-with-a-session-when-the-user-is-authenticated-tp27116942p27116942.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
--
Howard M. Lewis Ship
Creator of Apache Tapestry
The source for Tapestry training, mentoring and support. Contact me to
learn how I can get you up and productive in Tapestry fast!
(971) 678-5210
http://howardlewisship.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org