B4J Question [jServer/ServletRequest] Uniquely ID a request

[MathiasM]

Hello

I'm working with jServer.
Because of reasons, I buffer some incoming data for later use in the Filter chain. I was thinking of storing the data in a map with the "req" as the key and the data as value.
But I noticed that the data is retained between multiple request. So my guess is that the req instance is reused over multiple request (probably binded to 1 connection?)

I don't want to close the connection each time, as that would severely impact performance.

Is there a way to uniquely ID a request?

I have one option in mind: Generate an ID myself, and store it in the resp instance (in a header e.g) and remove it later on the Filter chain. It would work, but it's not really a nice solution.

Edit: While thinking, Filters in Jetty use the same thread for each request, ID'ing the thread could also be a solution.
Is it possible to ID the current Jetty thread from within a Filter?

Thanks for any help

 

[EnriqueGonzalez]

Hi! What you are looking for is req.getsession.get/set attribute. every call to the server creates/ retrieves a session without you haven't to do anything.

The req class will hold the information between calls to your servlet, but the req class will be a different one each time, so store what you need in the session and you will be good

 

[MathiasM]

Hi Enrique

Thanks for your help. I couldn't really reproduce your advice. req.GetSession.Id returns the same Id on multiple requests after eachother.
But! There is a req.GetSession.Invalidate method. If I just call that at the end of my Filter chain, the ID is 'brand new' for every request.

Thanks for your help Enrique, I bought you a coffee!

 

[EnriqueGonzalez]

Hi @MathiasM !

I bought you a coffee!

thank you! really appreciated .

what i meant is this one:

    req.GetSession.SetAttribute("id",2)
'this will create a variable id with value 2 for this session only

The session is based on a header key, to have a session you dont have to do anything.

later to retrieve the id value you can do:

    Dim id As String = req.GetSession.GetAttribute2("id",-1)
    If id = -1 Then
       log("not logged in")
   else
      log("logged in")
   end if

indeed session invalidate will delete all the info just for that info.

if you want to get extra information (from a map or a DB) based on a key that you got from req.getSession.GetAttritube2

you could create your own identifier like this:

Dim guidST As JavaObject
    guidST.InitializeStatic("java.util.UUID")
    Dim guid As JavaObject = guidST.RunMethod("randomUUID",Null)
    Dim guidStr As String = guid.RunMethod("toString",Null)

this will create a long string of random characters that you could set in setAttribute and later use it elsewhere.

I hope it was clearer this way.

 

[aeric]

If you followed the login example, you should understand that the server can handle multiple users login. Each connection has it’s own request and response. And each of them has it’s own session property. You set the session to store the value of a unique id. For example, when a user submit username and password that match in the database then the server can store the user id (or username) as a session variable as long as the session alive. You use invalidate to clear all these sessions variables when the user logout.

[Server] Login System & Filters Tutorial

Try it online: https://www.b4x.com:51042/login_example/ Note that it is not connected to the forum database. Feel free to test it and register new users. Its only purpose is to demonstrate this solution. Login Example A typical web solution consists of several folders. In this case the...

www.b4x.com

 

[MathiasM]

Thanks for the replies @aeric and @Enrique Gonzalez R

I do in fact know the concepts of Session pretty good, my problem was that I'm developing an API. And I ruled out Sessions as a technique because a REST API is by definition stateless (and thus Sessionless). But I can use a session variables during the filter chain, and invalidate the session. That way the session variables are unique to ever request.

Thanks a bunch!

 

[aeric]

I show you how I did it (using API key and authorization token)

[B4X] User Login App + [B4J] MySQL API Server (Key + Token)

Update: I recommend you to also take a look at my latest Web API Template if you want to develop B4X client apps connecting to MySQL/SQLite backend web server using JSON format API. Finally I would like to share my B4J API server written in B4J. Compare to my previous PHP API, this API server...

www.b4x.com