Re: How to Retrieve Session User?
Re: How to Retrieve Session User?
- Subject: Re: How to Retrieve Session User?
- From: Chuck Hill <email@hidden>
- Date: Thu, 5 Apr 2007 15:02:33 -0700
On Apr 5, 2007, at 2:58 PM, Fred Shurtleff wrote:
Chuck,
Can you give me add'l details re: iCab - I could not reference it
in Safari Help or my handy Mac guide - "Mac OS X: The Missing Manual".
http://www.icab.de/
Also thanks for that snippet of code that reports new sessions. A
link on the path to where I ran into my problem does in fact create
a new session. But I don't know why. The offending link(resulting
in a new session) calls an action method in DirectAction.java -
following is the code:
public WOActionResults postsAction() {
WOComponent nextPage = pageWithName("TopicPosts");
Number topicID = request().numericFormValueForKey("topicID", new
NSNumberFormatter());
EOEnterpriseObject topic =
EOUtilities.objectWithPrimaryKeyValue(WOApplication.application
().sharedEditingContext(), "Topic", topicID);
That rather looks like an abuse of sharedEditingContext().
Number index = request().numericFormValueForKey
("displayBatchIndex", new NSNumberFormatter());
// set variables
nextPage.takeValueForKeyPath(topic,
"postsDisplayGroup.masterObject");
if (index != null) nextPage.takeValueForKeyPath(index,
"postsDisplayGroup.currentBatchIndex");
return nextPage;
The strange thing here is this action method is identical(just
different entity/key) to another(& previously called) action WHICH
DOES NOT create a new session. So I am totally puzzled - but just
want to learn the caveats here re:session creation. Seems like this
technology is fraught with all kinds of 'gotchas & sinkholes' -
there should be more 'best practice' sample code to learn the ropes.
I would take a closer look the URL it is reporting.
Chuck
Chuck Hill wrote:
On Apr 5, 2007, at 9:16 AM, Fred Shurtleff wrote:
Hi All,
I checked the session (using Session session = (Session) session
();) immediately B4 setting the session user and again when I
retrieved the session user, and they were, in fact, DIFFERENT. So
this explains WHY the null user(and why the KVC calls seemingly
did not work), but opens up another issue - how are multiple
sessions spawned?
Studies have shown that 98.3% of the time this can be tracked to
your bad HTML. That is why I suggested using iCab yesterday. No
green, happy face in iCab? Your HTML has a problem. Bad HTML +
confused browsers = extra requests to the application.
Another way to find this is to add this to your session class:
boolean didCreate = true;
public void awake() {
super.awake();
if (didCreate)
{
NSLog.out.appendln("Creating session for request: " +
context().request().uri());
didCreate = false;
}
}
You should be able to spot the bad URL(s) and track then back to
your bad HTML.
Chuck
I do understand the process of session ID creation and how
requests are matched with active, cached session ID's, but what I
don't understand is how my app has created >1 sessions when I am
the only user running direct under the localhost??
Also I should say that having read all the replies to my post, I
now realize there are better practices for tracking users. I was
in fact using a demo app from a WO book (WO's Developer's Guide -
SAMS Publishing, 2002), which happens to use these KVC techniques
for user tracking, which understandably can be simplified/
inappropriate for training purposes. But it is very frustrating
trying to debug this issue, and stood in the way of working the
demo, which I thought was very good from the standpoint of
transversing related EO's and performing basic database CRUD
actions.
Last I just want to mention there is complete authenticate/user
tracking solution in the "Practical WebObjects Book"(Chapter 4)
by Hill & Mallais, which appears very straight-forward, flexible,
and conceptually sound to me. It even uses HTTPS to do the
authentication, and DOES NOT USE KVC techniques. :-) So I
plan to use it for user logins and site security controls.
Thanks for all your input - Fred
Ken Anderson wrote:
Fred,
I would verify that the session your setting the user on is the
same session your asking for the user. As Chuck mentioned
earlier, it's possible that you're creating sessions without
realizing it.
Ken
On Apr 4, 2007, at 8:41 PM, Fred Shurtleff wrote:
It's a typo - really 2 lines.
// set the session.user ((Session) session()).takeValueForKey
(user, "user");
Chuck Hill wrote:
On Apr 4, 2007, at 5:34 PM, Fred Shurtleff wrote:
Gino, Mark, Chuck, Mike,
I have tried all of your 'best practice' suggestions (not
Chuck's yet), and STILL have no luck. To recap, this is my
setup:
Session.java (declare a user)-
protected EOEnterpriseObject user;
Main.java (fetch/authenticate, & set the user in session)-
// fetch the user
EOEnterpriseObject user =
EOUtilities.objectMatchingKeyAndValue(session
().defaultEditingContext(), "User", "name", username);
// set the session.user ((Session) session
()).takeValueForKey(user, "user");
Typo or is it really commented out?
Post.java (get the user for inserting transaction)=
EOEnterpriseObject user = (EOEnterpriseObject) ((Session)
session()).valueForKey("user");
At this point (using the debug mode) the user is null!! This
seems so... basic, yet I cannot see the problem. So if you
see something awry, please shout again.
It is sort of like a magic show. If I put something in a box,
and then later open the box and the thing is not in there, how
did this happen? Answer: it is not the same box. Try this:
// fetch the user
EOEnterpriseObject user =
EOUtilities.objectMatchingKeyAndValue(session
().defaultEditingContext(), "User", "name", username);
// set the session.user
((Session) session()).takeValueForKey(user, "user");
NSLog.out.appendln("Registered user in session " + session
().sessionID());
Post.java (get the user for inserting transaction)=
EOEnterpriseObject user = (EOEnterpriseObject) ((Session)
session()).valueForKey("user");
NSLog.out.appendln("Retrieved user from session " + session
().sessionID());
Now, are the IDs the same or not? If not, check your HTML for
malformed HTML. On Mac? Use the iCab browser for its easy
HTML validation.
Chuck
Now what I think Chuck & Mike is saying is the above approach
is 'taking a short cut' so-to-speak(using built-in KVC settor/
gettors), and is lacking for reasons mentioned. A better
practice is to code explicit java methods to message (get/
set) objects - a la OO Programming style.
I appreciate all your help & suggestions - Fred
Chuck Hill wrote:
Adding onto Mark's comments... KVC is for when you can't
use statically compiled Java. Using KVC instead of
statically compiled Java:
- reduces the chance of having the compiler catch your mistakes
- makes the code harder to read
- makes it harder to make naming changes
- makes you a bad person ;-)
In your session you should have:
private User loggedInUser;
public void setUser(User user) {
loggedInUser = user;
}
public User user() {
return loggedInUser;
}
And your code sample should read:
// set the session user
((Session)session()).setUser(user);
...
EOEnterpriseObject user = ((Session)session()).user();
And if it still evaluates to null, then your code is
probably creating more sessions than you realize.
Chuck
On Apr 4, 2007, at 3:58 PM, Mark Morris wrote:
Hi Fred,
KVC is certainly an integral part of WO, but much of that
is a bit behind the scenes. For instance, if you create
the user() and setUser() methods in your Session class,
WO's KVC implementation is what lets you bind session.user
to a WOString in a component. So you get the advantages,
while still getting the benefits of proper methods that
Mike was mentioning (such as some compiler error checking,
easier maintainability/internal documentation, and the
ability to put some logic in the accessor methods).
Regards,
Mark
On Apr 4, 2007, at 5:22 PM, Fred Shurtleff wrote:
Chuck,
I would welcome your comments on my KVC usage.
I was actually surprised by Mike's statement re: KVC
'funnybusiness' as I was led to believe from my readings
that KVC was a very integral part of WO. And the KVC
concept seems very straight-forward to me - what can be
simpler than takeValueForKey( value, key)? Also this is
the technique I have learned from a number of tutorials.
But then I am unable to put/get a user into the session -
so there must be something I am missing. Actually I have
tried so many ways to retrieve the user, I now think I
never got the user into the session to begin with. :-)
Chuck Hill wrote:
Listen to Mike. I was just about to write and make the
same complaint of your code. Abusing KVC is NOT your
friend.
Chuck
On Apr 4, 2007, at 1:45 PM, Mike Schrag wrote:
PERSONALLY, I'd stop all this KVC funnybusiness. It has
its place and it's really powerful, but you're making
your life way obnoxious. Let Java do its job and just
call methods on things -- there are LOTS of benefits of
this. Define a proper user field on your Session class
and do setUser(..) and user() to retrieve it.
On Apr 4, 2007, at 4:40 PM, Fred Shurtleff wrote:
Mark - I understand where you are coming from, and did
try your suggestion. But I still am NOT getting a user
EO instance (I get null per the debugger).
Actually I checked the WO docs and both valueForKeyPath
AND valueForKey are valid methods of the Session class.
Problem is what is the correct syntax. The docs say
object.valueForKey(string), and your suggestion
provided the object part (ie session()) (I also tried
your input + valueForKeyPath but Eclipse complained
about 'no such key = session')
So I still am at a loss on how to retrieve a user EO
from the session. :-(
But thanks for your help/input!
Mark Morris wrote:
Hi Fred,
On Apr 4, 2007, at 3:10 PM, Fred Shurtleff wrote:
Hello,
I have a basic question on how to access the logged
in user for later use in updates. After
authenticating a user I enter him into the session,
but when I later try to retrieve this user in another
page, it fails(returns null).
So in my main page I record the user as follows:
if (_password.equals(password))
{ EOEnterpriseObject user =
EOUtilities.objectMatchingKeyAndValue(session
().defaultEditingContext(), "User", "name", username);
// set the
session.user session
().takeValueForKey(user, "user");
And on another page to add a new transaction which
needs the user relation attribute(as a foreign key):
EOEnterpriseObject user = (EOEnterpriseObject)
valueForKeyPath("session.user"); // user evals to
null???
Try changing this to:
EOEnterpriseObject user = (EOEnterpriseObject)
session().valueForKey("user");
valueForKeyPath is useful, but I don't think it can do
what you're asking of it here.
purchase.addObjectToBothSidesOfRelationshipWithKey
(user, "user");
The save fails because user is a required attribute.
And I'm not sure if I am not properly storing the
user in the session, or not properly retrieving the
user from the session.
Can anyone see what I am doing wrong or suggest
another approach?
TIA
Personally, I usually make currentUser an actual
variable in Session. (Private, with public accessor
methods, of course! ;-)
Regards,
Mark
_______________________________________________
Do not post admin requests to the list. They will be
ignored.
Webobjects-dev mailing list (Webobjects-
email@hidden)
Help/Unsubscribe/Update your Subscription:
email@hidden
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be
ignored.
Webobjects-dev mailing list (Webobjects-
email@hidden)
Help/Unsubscribe/Update your Subscription:
email@hidden
This email sent to email@hidden
--Practical WebObjects - for developers who want to
increase their overall knowledge of WebObjects or who are
trying to solve specific problems.
http://www.global-village.net/products/practical_webobjects
_______________________________________________
Do not post admin requests to the list. They will be
ignored.
Webobjects-dev mailing list (Webobjects-
email@hidden)
Help/Unsubscribe/Update your Subscription:
40comcast.net
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (Webobjects-
email@hidden)
Help/Unsubscribe/Update your Subscription:
@onpointsoftware.com
This email sent to email@hidden
--Practical WebObjects - for developers who want to increase
their overall knowledge of WebObjects or who are trying to
solve specific problems.
http://www.global-village.net/products/practical_webobjects
--Practical WebObjects - for developers who want to increase
their overall knowledge of WebObjects or who are trying to
solve specific problems.
http://www.global-village.net/products/practical_webobjects
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
40anderhome.com
This email sent to email@hidden
--
Practical WebObjects - for developers who want to increase their
overall knowledge of WebObjects or who are trying to solve
specific problems.
http://www.global-village.net/products/practical_webobjects
--
Practical WebObjects - for developers who want to increase their
overall knowledge of WebObjects or who are trying to solve specific
problems.
http://www.global-village.net/products/practical_webobjects
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden