+ /**
+ * Returns the existing session if any is given in the form
values or url.
+ */
+ public WOSession existingSession() {
+ String sessionID = _requestSessionID();
+ if(!super.hasSession() && sessionID != null)
+ WOApplication.application().restoreSessionWithID(sessionID,
this);
+ return _session();
+ }
+
+ /**
+ * Returns true if there is an existing session.
+ */
+ ..verride
+ public boolean hasSession() {
+ if(super.hasSession()) {
+ return true;
+ }
+ return existingSession() != null;
+ }
Am 07.02.2008 um 21:25 schrieb Thomas:
> Thanks, I discovered that. I am using hasSession(), which mostly
> works, but there are still some new sessions being created. Still
> investigating.
>
> What do you mean when you say you fixed it in Wonder? How did you do
> that?
>
> Regards
> Thomas
>
> On 07/02/2008, at 11:59 PM, Anjo Krank wrote:
>
>> FWIW, I just fixed that in Wonder.
>>
>> Context.hasSession() only check is the session has been actually
>> set, ie. context.setSession() has been called. This has bitten me a
>> few times before. If you are in a DA, there is existingSession() to
>> check if there is a session.
>>
>> Cheers, Anjo
>>
>> Am 04.02.2008 um 06:15 schrieb Thomas:
>>
>>> Andrew,
>>>
>>> thanks for that. This works-- at least if an instance is set to
>>> refuse new sessions, it will only serve a response from the
>>> instance(s) NOT set to refuse new sessions.
>>>
>>> However, the adaptor seems to be ignoring the session ID in the
>>> cookie. context().hasSession() always returns false even when
>>> there is a valid session ID cookie.
>>>
>>> Just for posterity, here is what I did in the direct action handler:
>>>
>>> if (!context().hasSession() &&
>>> WOApplication.application().isRefusingNewSessions()) {
>>> WOResponse response = new WOResponse();
>>> // this will cause the adaptor to fail the request and try to send
>>> it to another instance.
>>> response.setStatus(302); // move temporarily
>>> response.setHeader("true", "x-webobjects-refusing-redirection");
>>> return response;
>>> }
>>>
>>>
>>>
>>> On 04/02/2008, at 11:41 AM, Andrew Lindesay wrote:
>>>
>>>> Hello Thomas;
>>>>
>>>> I recently had a look in the apache adaptor source for this.
>>>> Download my framework and take a look at;
>>>>
>>>> LEWOJSONRPCRequestHandler.handleRequest(..)
>>>>
>>>> Look for;
>>>>
>>>> LEWOStuffConstants.KEY_HEADER_WOREFUSINGREDIRECTION
>>>>
>>>> I'm not sure if there is a better way.
>>>>
>>>> cheers.
>>>>
>>>>> Google and the apple docs are surprisingly silent about this.
>>>>>
>>>>> I have an application where almost all access is for members
>>>>> only, thus requiring login, but almost all pages are accessed by
>>>>> direct action. Of course if I set "refuse new sessions" because
>>>>> I've deployed a new version in another instance, it does nothing
>>>>> because new users connect via direct action and get a new session.
>>>>>
>>>>> I'm wondering what is the standard way of handling this? Should
>>>>> I test for isRefusingNewSessions() and hasSession() and redirect
>>>>> the visitor to the same URL, hoping that eventually they will
>>>>> get another instance? Is there a better way?
>>>>
>>>> ___
>>>> Andrew Lindesay
>>>> technology : www.lindesay.co.nz
>>>> business : www.silvereye.co.nz
>>>>
>>>>
>>>>
>>>>
>>>
>>
>>
>
This archive was generated by hypermail 2.0.0 : Thu Feb 07 2008 - 15:41:10 EST