You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Shaun Thompson <st...@gmail.com> on 2013/01/08 21:54:29 UTC
Session Expiration - Ajax
I'm currently evaluating component based frameworks, as we are using
Wicket, and one of the problems we encounter is Ajax interactions after the
http session has expired.
If a user clicks on a component that is Ajax enabled - the framework throws
a PageExpiration exception.
For most applications, we want the request to still continue.
The HelloWorld example from Tapestry doesn't appear to experience this.
My questions are
- For persistent data on a page where is this serialized to?
- Are all Ajax interactions safe in this manner, form buttons, links, etc
Re: Session Expiration - Ajax
Posted by Lenny Primak <lp...@hope.nyc.ny.us>.
I think that this area is where Tapestry actually needs usability improvement.
Usually, with setupRender() doing all the initialization, when Ajax request gets
called (much) later with an invalidated session, all sorts of NPEs would result.
Of course this can be solved with onActivate() or null checks, but usually the best
solution is just to redirect to the same page, and 'redraw' the page in a non-ajax way
to re-initialize everything. If the page is protected by a login screen, the login screen redirection
should result.
This is fixed in the FlowLogix library, but I think stock Tapestry needs to incorporate this.
FlowLogix @AJAX annotation / supporting code does this currently.
On Jan 12, 2013, at 11:10 AM, Howard Lewis Ship wrote:
> In Tapestry, individual page and component fields, marked with the @Perist
> or @SessionState annotations, will be stored in the the HttpSession.
> Tapestry generates a unique session attribute key that identifies the name
> of the page, nested component id, and field name.
>
> If any request, Ajax or otherwise, is received after the session has been
> invalidated, Tapestry will simply proceed using default (typically, null)
> values for such fields. In some cases, the page may wish to inject the
> Request so as to query whether the session is invalidated ... though it may
> be easier to see if the specific field is null when it is not expected to
> be.
>
> Lance's note about a thread local map is actually a more recent
> optimization; once you have the basic infrastructure to intercept field
> access so as to store and retrieve data from the HttpSession, you can do
> the same trick to separate instances from their state.
>
>
> On Tue, Jan 8, 2013 at 8:54 PM, Shaun Thompson
> <sthomps@gmail.com<javascript:_e({}, 'cvml', 'sthomps@gmail.com');>
>> wrote:
>
>> I'm currently evaluating component based frameworks, as we are using
>> Wicket, and one of the problems we encounter is Ajax interactions after the
>> http session has expired.
>>
>> If a user clicks on a component that is Ajax enabled - the framework throws
>> a PageExpiration exception.
>>
>> For most applications, we want the request to still continue.
>>
>> The HelloWorld example from Tapestry doesn't appear to experience this.
>>
>> My questions are
>>
>> - For persistent data on a page where is this serialized to?
>> - Are all Ajax interactions safe in this manner, form buttons, links, etc
>>
>
>
>
> --
> Howard M. Lewis Ship
>
> Creator of Apache Tapestry
>
> The source for Tapestry training, mentoring and support. Contact me to
> learn how I can get you up and productive in Tapestry fast!
>
> (971) 678-5210
> http://howardlewisship.com
>
>
> --
> Howard M. Lewis Ship
>
> Creator of Apache Tapestry
>
> The source for Tapestry training, mentoring and support. Contact me to
> learn how I can get you up and productive in Tapestry fast!
>
> (971) 678-5210
> http://howardlewisship.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Session Expiration - Ajax
Posted by Howard Lewis Ship <hl...@gmail.com>.
In Tapestry, individual page and component fields, marked with the @Perist
or @SessionState annotations, will be stored in the the HttpSession.
Tapestry generates a unique session attribute key that identifies the name
of the page, nested component id, and field name.
If any request, Ajax or otherwise, is received after the session has been
invalidated, Tapestry will simply proceed using default (typically, null)
values for such fields. In some cases, the page may wish to inject the
Request so as to query whether the session is invalidated ... though it may
be easier to see if the specific field is null when it is not expected to
be.
Lance's note about a thread local map is actually a more recent
optimization; once you have the basic infrastructure to intercept field
access so as to store and retrieve data from the HttpSession, you can do
the same trick to separate instances from their state.
On Tue, Jan 8, 2013 at 8:54 PM, Shaun Thompson
<sthomps@gmail.com<javascript:_e({}, 'cvml', 'sthomps@gmail.com');>
> wrote:
> I'm currently evaluating component based frameworks, as we are using
> Wicket, and one of the problems we encounter is Ajax interactions after the
> http session has expired.
>
> If a user clicks on a component that is Ajax enabled - the framework throws
> a PageExpiration exception.
>
> For most applications, we want the request to still continue.
>
> The HelloWorld example from Tapestry doesn't appear to experience this.
>
> My questions are
>
> - For persistent data on a page where is this serialized to?
> - Are all Ajax interactions safe in this manner, form buttons, links, etc
>
--
Howard M. Lewis Ship
Creator of Apache Tapestry
The source for Tapestry training, mentoring and support. Contact me to
learn how I can get you up and productive in Tapestry fast!
(971) 678-5210
http://howardlewisship.com
--
Howard M. Lewis Ship
Creator of Apache Tapestry
The source for Tapestry training, mentoring and support. Contact me to
learn how I can get you up and productive in Tapestry fast!
(971) 678-5210
http://howardlewisship.com