losing connection on server / localhost
4 posts
• Page 1 of 1
losing connection on server / localhost
Hi,
The problem occurs in my app whenever the user has no action in browser for some period of time and then return to site. My server app do not recognize the values of some variables that had been initialized for the user and were being used. (the value becames null and one app error occurs)
Perhaps I have to control the timeout using instructions in "onSessionEnd" to avoid this kind of error. But, I don't know if this really is the problem and how to solve it.
Could someone help me?
Thanks,
Marco
The problem occurs in my app whenever the user has no action in browser for some period of time and then return to site. My server app do not recognize the values of some variables that had been initialized for the user and were being used. (the value becames null and one app error occurs)
Perhaps I have to control the timeout using instructions in "onSessionEnd" to avoid this kind of error. But, I don't know if this really is the problem and how to solve it.
Could someone help me?
Thanks,
Marco
- Gantois
- Posts: 80
- Joined: Thu Apr 17, 2014 9:44 am
Re: losing connection on server / localhost
Hi Marco,
Depending on what your application is doing, there may be several pieces that need to work together for managing session timeouts.
First, there's the SessionTimeout setting in Config/Server.xml - the default setting is '30m' for 30 minutes.
If have any cleanup work (closing files, etc) that needs to be done when the session times out, then you'd create your own server class based on the MiServer class and override the onSessionEnd method
MiServer keeps an instance in the session of each page the user accessed. So, if your page has any cleanup it needs to do, you can use a public _Close method within the page. If your page doesn't have any specific cleanup to do, you don't need to write the _Close method.
The easiest way to check if the user's session has timed out is to check for the existence of a variable you set. If it's not there, the session is new, then do whatever initialization or redirection is needed and then set the variable. If the variable exists, then just carry on as normal.
The code below includes a stub function for _Close and a simple example of checking and setting a session variable. I set my SessionTimeout to 30s (30 seconds) and experimented with refreshing the page both before and after the timeout.
I hope this helps!
/Brian
Depending on what your application is doing, there may be several pieces that need to work together for managing session timeouts.
First, there's the SessionTimeout setting in Config/Server.xml - the default setting is '30m' for 30 minutes.
If have any cleanup work (closing files, etc) that needs to be done when the session times out, then you'd create your own server class based on the MiServer class and override the onSessionEnd method
- Code: Select all
:Class MarcoServer : MiServer
∇ Make config
:Access Public
:Implements Constructor :Base config
∇
∇ onSessionEnd session
:Access Public Override
⍝ The argument is a pointer to the session object so you can reference anything that you set within the session
⍝ Do any cleanup here...
∇
:EndClass
MiServer keeps an instance in the session of each page the user accessed. So, if your page has any cleanup it needs to do, you can use a public _Close method within the page. If your page doesn't have any specific cleanup to do, you don't need to write the _Close method.
The easiest way to check if the user's session has timed out is to check for the existence of a variable you set. If it's not there, the session is new, then do whatever initialization or redirection is needed and then set the variable. If the variable exists, then just carry on as normal.
The code below includes a stub function for _Close and a simple example of checking and setting a session variable. I set my SessionTimeout to 30s (30 seconds) and experimented with refreshing the page both before and after the timeout.
- Code: Select all
:Class SessionExample : MiPage
∇ _Close
:Access public
⍝ do any page cleanup (untie files, write log message, etc) here
∇
∇ Compose
:Access public
:If 0=_Request.Session.⎕NC'initialized'
_Request.Session.initialized←1
Add'Hello!'
:Else
Add'Welcome back!'
:EndIf
∇
:EndClass
I hope this helps!
/Brian
-
Brian|Dyalog - Posts: 116
- Joined: Thu Nov 26, 2009 4:02 pm
- Location: West Henrietta, NY
Re: losing connection on server / localhost
Marcos,
Yes, I have faced this "User Session Management" issue, as well.
One of the key points is to SAVE the Req.Session.ID (MS 2.x) along with the user login data.
So, when a user authenticates ... (login ID and PW are valid) ... you also store that user's Session ID ... and perhaps a ⎕TS time stamp also... just for good measure.
Next ... you may need to know if a user is ACTIVE ... or has left the session.
This might be another value.. the ⎕TS of the valid user's last transaction to your page.
The underlying data model might start to look like this:
USER_SESSIONS
User_ID .... Session_ID .... Session_Start_TS ..... Last_Trans_TS
Your cleanup routine (per Brian's post) might reference USER_SESSIONS to help with the cleanup.
Also, if a user returns... and their CURRENT req.Session.ID IS FOUND in your USER_SESSIONS table, then you know the user has returned and continues to working in their SAME MiServer APL Session.
However, if a user returns... and MiServer has terminated their old session due to TIMEOUT ... then, the user's Session ID will NOT be found in the USER_SESSIONS table ... and you would UPDATE that user's record (by the User_ID) to have the user's CURRENT req.Session.ID Login ⎕TS and last Transaction ⎕TS.
Your cleanup routine can inspect this table ... and perhaps DELETE the rows where the ⎕TS from last Transaction is older than 30 minutes... (or whatever setting you decide to use).
The user session is handled nicely by MiServer... by establishing a COOKIE in the user's browser. This cookie value is reviewed by MiServer... so the returning user is either processed in their current MiServer session .... or ... if the sessionID from the cookie is no longer active ... the user is given a NEW SESSION (and a new Cookie).
In our MiServer apps, I use APL Files to hold important user values ... so when a user returns... and establishes a NEW Session ... I read in the data values from the APL File, and re-establish the needed session variables.
This way, the user never knows the MiServer session has gone away.
One last thought...
You will need to decide how long you will allow a user to remain authenticated without session activity. The best idea is to leverage the built-in MiServer req.Session.ID to drive your cleanup of the USER_SESSIONS table.
So.. if a user comes to your site ... and their current Session ID is NOT found in the USER_SESSIONS table (e.g. APL file) ... THEN.. you should PROMPT THEM to LOGIN again.
And then update (or insert) the user's login record in USER_SESSIONS.
User_ID .... Session_ID .... Session_Start_TS ..... Last_Trans_TS
Cheers,
//W
Yes, I have faced this "User Session Management" issue, as well.
One of the key points is to SAVE the Req.Session.ID (MS 2.x) along with the user login data.
So, when a user authenticates ... (login ID and PW are valid) ... you also store that user's Session ID ... and perhaps a ⎕TS time stamp also... just for good measure.
Next ... you may need to know if a user is ACTIVE ... or has left the session.
This might be another value.. the ⎕TS of the valid user's last transaction to your page.
The underlying data model might start to look like this:
USER_SESSIONS
User_ID .... Session_ID .... Session_Start_TS ..... Last_Trans_TS
Your cleanup routine (per Brian's post) might reference USER_SESSIONS to help with the cleanup.
Also, if a user returns... and their CURRENT req.Session.ID IS FOUND in your USER_SESSIONS table, then you know the user has returned and continues to working in their SAME MiServer APL Session.
However, if a user returns... and MiServer has terminated their old session due to TIMEOUT ... then, the user's Session ID will NOT be found in the USER_SESSIONS table ... and you would UPDATE that user's record (by the User_ID) to have the user's CURRENT req.Session.ID Login ⎕TS and last Transaction ⎕TS.
Your cleanup routine can inspect this table ... and perhaps DELETE the rows where the ⎕TS from last Transaction is older than 30 minutes... (or whatever setting you decide to use).
The user session is handled nicely by MiServer... by establishing a COOKIE in the user's browser. This cookie value is reviewed by MiServer... so the returning user is either processed in their current MiServer session .... or ... if the sessionID from the cookie is no longer active ... the user is given a NEW SESSION (and a new Cookie).
In our MiServer apps, I use APL Files to hold important user values ... so when a user returns... and establishes a NEW Session ... I read in the data values from the APL File, and re-establish the needed session variables.
This way, the user never knows the MiServer session has gone away.
One last thought...
You will need to decide how long you will allow a user to remain authenticated without session activity. The best idea is to leverage the built-in MiServer req.Session.ID to drive your cleanup of the USER_SESSIONS table.
So.. if a user comes to your site ... and their current Session ID is NOT found in the USER_SESSIONS table (e.g. APL file) ... THEN.. you should PROMPT THEM to LOGIN again.
And then update (or insert) the user's login record in USER_SESSIONS.
User_ID .... Session_ID .... Session_Start_TS ..... Last_Trans_TS
Cheers,
//W
-
woody - Posts: 144
- Joined: Tue Dec 28, 2010 12:54 am
- Location: Atlanta, Georgia USA
Re: losing connection on server / localhost
Brian and Woodley,
I will think about how to apply these recommendations in my app, to make modifications and tests.
Thanks very much,
Cheers
Marco
I will think about how to apply these recommendations in my app, to make modifications and tests.
Thanks very much,
Cheers
Marco
- Gantois
- Posts: 80
- Joined: Thu Apr 17, 2014 9:44 am
4 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 1 guest
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group