Session best practices in jackrabbit

With the increasing use of content management systems (CMS), how to regulate content and protect digital assets is a problem. For example, all branches of an organization in China have their own websites and various web applications, but the website architecture is different, and the content storage is also based on their own needs. JCR was proposed to standardize content management, while jackrabbit is an open-source project under the Apache fund, fully implementing the jcr1.0 and jcr2.0 specifications.

 

Question:

Jackrabbit uses the session object to manage logons to the content library. In a web application, there are three possibilities for creating session objects:

1. Create a session object throughout the application, and all users access the object through a session object;
2. One session for each httpsession;
3. One session per httprequest

Which of the three methods is best practice? The use of different methods has a great impact on the application performance, so pay attention to it.

 

The following is a search post. The record is as follows:

Subject: Re: JCR session handling-MSG #00184 list: users.jackrabbit.apache.org

Hi, Over in Apache sling, we create new sessions for each request. We used to have session pooling (maintain a pool of open sessions per User to be reused on future requests). But this proved unstable and Slower than calling repository. login on each request (!) And we will Remove the session pool code in the near future. We do not use any http session. Also we do not share sessions Requests. The problem, you will have doing this is, that session objects Are not thread safe. So while reading from the same session concurrently will generally be Rather safe (no guarantee, though), writing concurrently with the same Sessions is a guaranteed failure. Hope this helps. Regards Felix On 21.01.2010:41, John tranier wrote: > Hi everybody, > > I woshould like to have advices about how I shoshould handle JCR sessions in > My application context. > I have read the guide on the Wiki, but I'm not clear about what is > Called "Transient MOD", if my application fall into it, and finally how > To deal with that case. > > I am using a jackrabbit repository to handle personal storage space > Users of my web application. I 've defined personalized access for each > Users, so it's about personalized accounts. > > Up to now, I 've handled sessions by creating a session for each HTTP > Request. But since my application makes use of Ajax to display the tree > View of the personal space of a user, a lot of requests may be launched > In sequence, causing a lot of login/logout... > > Wocould it be a better practice to use a HTTP session scope instead > Request scope, with eventually a TTL after which a session wocould be closed? > > Thanks in advance, > John > > >

The general translation is as follows: Hi! In Apache sling (Note: sling is another Apache project that uses jackrabbit persistence), we create a session for each request, we used the session pool (maintain a pool for multiple sessions opened by each user for reuse of subsequent requests ). However, it turns out that this is better than every request (!) Calling repository. login is more unstable and slow, so we are prepared to remove the session pool code in the near future. We do not use any http session. We do not share sessions in different requests. The reason for this is that the session object is thread insecure. Therefore, when reading data from the same session concurrently, it is generally safe (but not guaranteed) (I sweat .), Concurrent write from the same session is guaranteed to fail. Hope to help. Regards Felix (I will not translate the problem. I haven't eaten breakfast yet .)

Open Source