jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Lukin <lu...@stu.cn.ua>
Subject Re: Sharing a Session or a Session per web user
Date Tue, 27 Nov 2007 08:28:28 GMT
Hi there!

Monday 26 November 2007 18:27:23 Jukka Zitting написав:
> Hi,
> Personally I'd recommend allowing only a single concurrent thread to
> use a session. Even though multiple concurrent threads may work fine
> with current Jackrabbit, this hasn't really been very well verified
> and some of the cache data structures might well hide serious
> concurrency issues. It is also possible, perhaps even likely, that in
> some future release Jackrabbit will start explicitly synchronizing
> access to a session to simplify and streamline internal locking
> mechanisms.
> BR,
> Jukka Zitting

That sounds very good because as for me it is good idea to keep in sync 
HttpSession and javax.jcr.Session. May be I'm wrong but anyway... every 
application that cares about rights on repository data must associate web 
session with JCR session.

I use model 2 repository with container authentificatoion. At this stage of 
development I use single user for repository access but I need more 
fine-granted security on repository. 

When I need to aquire JCR session usualy I need login and password, but I do 
not have password, it is "swallowed" by container.  Is there standard way to 
get JCR session from J2EE container for already authenticated user with the 
same user principial as authentificated Http session?

SY, Alex Lukin

View raw message