Java – HTTP Session: A single object or multiple

httphttp-requestjavasession

I tested two approaches to store session data:

The classic: 1 key, 1 object (And every key as static final String in a class)

"user" –> UserObject

"preferences" –> List

…

An approach with only 1 object

"sessionObject" –> SessionObject

And my SessionObject contains UserObject and the list of preferences as attributes. This is a fairly simple example but imagine it with 20+ attributes.

The advantage I see in the second approach is that :

You only have to delete one key to ensure session is empty
You don't have to create the bothersome set of final static String to create the keys
You'll know what type of object to retrieve (Using key you have to cast)

Do you see any problem I might went over? Or does anything go against best practices?

Best Answer

1 key, 1 object will be more predictable regarding interaction with app server and possible session replication techniques. Not sure what you mean by "set of final static String" being necessary. You may manage session keys any way you like.

Consider you have 20 preferences, and perhaps your preferences class has an enum of preference names. Could get/set session a little bit indirectly:

class Preferences {

    private static final SESSION_KEY_PREFIX = Preferences.class.getName()+'.';

    enum Name {
        LOCALE,
        ...
    }

    static String get(HttpSession session, Name name) {
        return (String)session.getAttribute(SESSION_KEY_PREFIX + name.name());
    }

    static void set(HttpSession session, Name name, String value) {
        session.setAttribute(SESSION_KEY_PREFIX + name.name(), value);
    }

    static void clear(HttpSession session) {
        for(Name name : Name.values()) {
            session.removeAttribute(SESSION_KEY_PREFIX + name.name());
        }
    }
}

You may then add preferences by just adding to the enum, and all specific interaction with the session is encapsulated.

This example pretty trivial so the Preferences class itself could also become an enum instead, without a separate "Name" enum. Which could be:

enum Preference {
    LOCALE,
    ....;

    private final String sessionKey = Preference.class.getName()+'.'+name();

    String get(HttpSession session) {
        return (String)session.getAttribute(sessionKey);
    }

    void set(HttpSession session, String value) {
        session.setAttribute(sessionKey, value);
    }

    static void clear(HttpSession session) {
        for(Preference pref : Preference.values()) {
            session.removeAttribute(pref.sessionKey);
        }
    }
}

Related Solutions

Java – RequestContextHolder.currentRequestAttributes() and accessing HTTP Session

I would approach this problem a bit differently. Let's assume you need only an attribute "attr1" from the session. So what you actually should do is to get this attribute in @Controller pass it to your calculation logic class (@Service), return the result of the calculation back to @Controller and store it in session. Thanks to that your calculation logic will not be independent from a web layer (HttpSession), hence reusable.

E.g.:

@Controller
public class AController {

    @Autowired
    private SomeCalculationService someCalculationService;

    @RequestMapping(value = "/", method = RequestMethod.GET)
    @ResponseBody
    public Account accounts(HttpSession httpSession) {      
        MyData myData = httpSession.getAttribute("attr1");
        SomeResult someResult = someCalculationService.calculate(myData);
        httpSession.setAttribute("attr2", someResult);
    }
}

RESTful Interface – How Do Searches Fit In?

You should not forget that GET requests have some superior advantages over other solutions:

1) GET requests can be copied from the URL bar, they are digested by search engines, they are "friendly". Where "friendly" means that normally a GET request should not modify anything inside your application (idempotent). This is the standard case for a search.

2) All of these concepts are very important not just from user and search engine, but from an architectural, API design standpoint.

3) If you create a workaround with POST/PUT you will have problems which you are not thinking of right now. For example in case of a browser the navigate back button / refresh page / history. These can be solved of course, but that's going to be another workaround, then another and another ...

Considering all this my advice would be:

a) You should be able to fit inside your GET with using clever parameter structure. In extreme case you can even go for tactics like this google search where I set a lot of parameters still its a super short url.

b) Create another entity in your application like JobSearch. Assuming you got so much options, its probable that you will need to store these searches as well and manage them, so its just clearing up your application. You can work with the JobSearch objects as a whole entity, meaning you can test it / use it easier.

Personally I would try to fight with all my claws to get it done with a) and when all hope is lost, I would crawl back with tears in my eyes to option b).

Best Answer

Related Solutions

Java – RequestContextHolder.currentRequestAttributes() and accessing HTTP Session

RESTful Interface – How Do Searches Fit In?

Related Topic