Re: How to Retrieve Session User?
Re: How to Retrieve Session User?
- Subject: Re: How to Retrieve Session User?
- From: Fred Shurtleff <email@hidden>
- Date: Thu, 05 Apr 2007 13:11:04 -0400
Chuck,
I have to admit I did not read down far enough down in yesterday's reply
- wish I had as it would of saved me some time.
I will try your iCab advice - I'm not familiar with it and assume it is
an intuitive HTML checker?
Thanks - Fred
Chuck Hill wrote:
On Apr 5, 2007, at 9:16 AM, Fred Shurtleff wrote:
Hi All,
I checked the session (using Session session = (Session) session();)
immediately B4 setting the session user and again when I retrieved
the session user, and they were, in fact, DIFFERENT. So this explains
WHY the null user(and why the KVC calls seemingly did not work), but
opens up another issue - how are multiple sessions spawned?
Studies have shown that 98.3% of the time this can be tracked to your
bad HTML. That is why I suggested using iCab yesterday. No green,
happy face in iCab? Your HTML has a problem. Bad HTML + confused
browsers = extra requests to the application.
Another way to find this is to add this to your session class:
boolean didCreate = true;
public void awake() {
super.awake();
if (didCreate)
{
NSLog.out.appendln("Creating session for request: " +
context().request().uri());
didCreate = false;
}
}
You should be able to spot the bad URL(s) and track then back to your
bad HTML.
Chuck
I do understand the process of session ID creation and how requests
are matched with active, cached session ID's, but what I don't
understand is how my app has created >1 sessions when I am the only
user running direct under the localhost??
Also I should say that having read all the replies to my post, I now
realize there are better practices for tracking users. I was in fact
using a demo app from a WO book (WO's Developer's Guide - SAMS
Publishing, 2002), which happens to use these KVC techniques for user
tracking, which understandably can be simplified/inappropriate for
training purposes. But it is very frustrating trying to debug this
issue, and stood in the way of working the demo, which I thought was
very good from the standpoint of transversing related EO's and
performing basic database CRUD actions.
Last I just want to mention there is complete authenticate/user
tracking solution in the "Practical WebObjects Book"(Chapter 4) by
Hill & Mallais, which appears very straight-forward, flexible, and
conceptually sound to me. It even uses HTTPS to do the
authentication, and DOES NOT USE KVC techniques. :-) So I plan to
use it for user logins and site security controls.
Thanks for all your input - Fred
Ken Anderson wrote:
Fred,
I would verify that the session your setting the user on is the same
session your asking for the user. As Chuck mentioned earlier, it's
possible that you're creating sessions without realizing it.
Ken
On Apr 4, 2007, at 8:41 PM, Fred Shurtleff wrote:
It's a typo - really 2 lines.
// set the session.user ((Session)
session()).takeValueForKey(user, "user");
Chuck Hill wrote:
On Apr 4, 2007, at 5:34 PM, Fred Shurtleff wrote:
Gino, Mark, Chuck, Mike,
I have tried all of your 'best practice' suggestions (not Chuck's
yet), and STILL have no luck. To recap, this is my setup:
Session.java (declare a user)-
protected EOEnterpriseObject user;
Main.java (fetch/authenticate, & set the user in session)-
// fetch the user
EOEnterpriseObject user =
EOUtilities.objectMatchingKeyAndValue(session().defaultEditingContext(),
"User", "name", username);
// set the session.user ((Session)
session()).takeValueForKey(user, "user");
Typo or is it really commented out?
Post.java (get the user for inserting transaction)=
EOEnterpriseObject user = (EOEnterpriseObject) ((Session)
session()).valueForKey("user");
At this point (using the debug mode) the user is null!! This
seems so... basic, yet I cannot see the problem. So if you see
something awry, please shout again.
It is sort of like a magic show. If I put something in a box, and
then later open the box and the thing is not in there, how did
this happen? Answer: it is not the same box. Try this:
// fetch the user
EOEnterpriseObject user =
EOUtilities.objectMatchingKeyAndValue(session().defaultEditingContext(),
"User", "name", username);
// set the session.user
((Session) session()).takeValueForKey(user, "user");
NSLog.out.appendln("Registered user in session " +
session().sessionID());
Post.java (get the user for inserting transaction)=
EOEnterpriseObject user = (EOEnterpriseObject) ((Session)
session()).valueForKey("user");
NSLog.out.appendln("Retrieved user from session " +
session().sessionID());
Now, are the IDs the same or not? If not, check your HTML for
malformed HTML. On Mac? Use the iCab browser for its easy HTML
validation.
Chuck
Now what I think Chuck & Mike is saying is the above approach is
'taking a short cut' so-to-speak(using built-in KVC
settor/gettors), and is lacking for reasons mentioned. A better
practice is to code explicit java methods to message (get/set)
objects - a la OO Programming style.
I appreciate all your help & suggestions - Fred
Chuck Hill wrote:
Adding onto Mark's comments... KVC is for when you can't use
statically compiled Java. Using KVC instead of statically
compiled Java:
- reduces the chance of having the compiler catch your mistakes
- makes the code harder to read
- makes it harder to make naming changes
- makes you a bad person ;-)
In your session you should have:
private User loggedInUser;
public void setUser(User user) {
loggedInUser = user;
}
public User user() {
return loggedInUser;
}
And your code sample should read:
// set the session user
((Session)session()).setUser(user);
...
EOEnterpriseObject user = ((Session)session()).user();
And if it still evaluates to null, then your code is probably
creating more sessions than you realize.
Chuck
On Apr 4, 2007, at 3:58 PM, Mark Morris wrote:
Hi Fred,
KVC is certainly an integral part of WO, but much of that is a
bit behind the scenes. For instance, if you create the user()
and setUser() methods in your Session class, WO's KVC
implementation is what lets you bind session.user to a WOString
in a component. So you get the advantages, while still getting
the benefits of proper methods that Mike was mentioning (such
as some compiler error checking, easier
maintainability/internal documentation, and the ability to put
some logic in the accessor methods).
Regards,
Mark
On Apr 4, 2007, at 5:22 PM, Fred Shurtleff wrote:
Chuck,
I would welcome your comments on my KVC usage.
I was actually surprised by Mike's statement re: KVC
'funnybusiness' as I was led to believe from my readings that
KVC was a very integral part of WO. And the KVC concept seems
very straight-forward to me - what can be simpler than
takeValueForKey( value, key)? Also this is the technique I
have learned from a number of tutorials.
But then I am unable to put/get a user into the session - so
there must be something I am missing. Actually I have tried so
many ways to retrieve the user, I now think I never got the
user into the session to begin with. :-)
Chuck Hill wrote:
Listen to Mike. I was just about to write and make the same
complaint of your code. Abusing KVC is NOT your friend.
Chuck
On Apr 4, 2007, at 1:45 PM, Mike Schrag wrote:
PERSONALLY, I'd stop all this KVC funnybusiness. It has its
place and it's really powerful, but you're making your life
way obnoxious. Let Java do its job and just call methods on
things -- there are LOTS of benefits of this. Define a
proper user field on your Session class and do setUser(..)
and user() to retrieve it.
On Apr 4, 2007, at 4:40 PM, Fred Shurtleff wrote:
Mark - I understand where you are coming from, and did try
your suggestion. But I still am NOT getting a user EO
instance (I get null per the debugger).
Actually I checked the WO docs and both valueForKeyPath AND
valueForKey are valid methods of the Session class. Problem
is what is the correct syntax. The docs say
object.valueForKey(string), and your suggestion provided
the object part (ie session()) (I also tried your input +
valueForKeyPath but Eclipse complained about 'no such key =
session')
So I still am at a loss on how to retrieve a user EO from
the session. :-(
But thanks for your help/input!
Mark Morris wrote:
Hi Fred,
On Apr 4, 2007, at 3:10 PM, Fred Shurtleff wrote:
Hello,
I have a basic question on how to access the logged in
user for later use in updates. After authenticating a
user I enter him into the session, but when I later try
to retrieve this user in another page, it fails(returns
null).
So in my main page I record the user as follows:
if (_password.equals(password)) {
EOEnterpriseObject user =
EOUtilities.objectMatchingKeyAndValue(session().defaultEditingContext(),
"User", "name", username);
// set the
session.user
session().takeValueForKey(user, "user");
And on another page to add a new transaction which needs
the user relation attribute(as a foreign key):
EOEnterpriseObject user = (EOEnterpriseObject)
valueForKeyPath("session.user"); // user evals to null???
Try changing this to:
EOEnterpriseObject user =
(EOEnterpriseObject)session().valueForKey("user");
valueForKeyPath is useful, but I don't think it can do
what you're asking of it here.
purchase.addObjectToBothSidesOfRelationshipWithKey(user,
"user");
The save fails because user is a required attribute. And
I'm not sure if I am not properly storing the user in the
session, or not properly retrieving the user from the
session.
Can anyone see what I am doing wrong or suggest another
approach?
TIA
Personally, I usually make currentUser an actual variable
in Session. (Private, with public accessor methods, of
course! ;-)
Regards,
Mark
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list
(email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list
(email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
--Practical WebObjects - for developers who want to increase
their overall knowledge of WebObjects or who are trying to
solve specific problems.
http://www.global-village.net/products/practical_webobjects
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list
(email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
--Practical WebObjects - for developers who want to increase
their overall knowledge of WebObjects or who are trying to solve
specific problems.
http://www.global-village.net/products/practical_webobjects
--Practical WebObjects - for developers who want to increase their
overall knowledge of WebObjects or who are trying to solve
specific problems.
http://www.global-village.net/products/practical_webobjects
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
--
Practical WebObjects - for developers who want to increase their
overall knowledge of WebObjects or who are trying to solve specific
problems.
http://www.global-village.net/products/practical_webobjects
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden