ONJava.com -- The Independent Source for Enterprise Java
oreilly.comSafari Books Online.Conferences.

advertisement

AddThis Social Bookmark Button
Article:
  The PHP Scalability Myth
Subject:   Hidden variables for session state?
Date:   2003-10-17 11:39:41
From:   anonymous2
"Transient user interface information is stored in hidden variables on the web page."


Are you out of your mind? In "J2EE Core Patterns" they mention this architecture in passing as an example of how *not* to do it. It's insecure because a user can put any damn thing they want in those hidden variables. There are also bandwidth issues unless you keep that state very, very small, which is possible for simple Web apps but not for highly interactive sites.


If you require the ability to failover the presentation tier without losing active sessions, Weblogic supports HTTP session state replication via RMI: if the servlet changes the session, Weblogic will use RMI to send the change to the standby server, so that if one node in your presentation tier fails another can take its place starting with the session state just as the original node left it. The user doesn't need to know anything has happened.


1 to 2 of 2
1 to 2 of 2