Simplest application and session

Hi,

Sorry in advance for this dumb question. I don’t have much experience with Java web development :slight_smile:

Say for example that I have an extremely simple Vaadin application. A text field and a button. User enters something into the text field and presses the button. The application does something useful, then displays a result with a notifcation.

After the result is displayed, what do I do with the session? The application has served it’s purpose, so leaving it to time out on its own seems like a bother with the warning message and all. Can I close it explicitly? If so, would that clear the value in the result area?

Basically I just want a simple application without the need of sessions timing out. Is something like this possible with Vaadin

It should be possible to close the session. Based on you description I wrote the following:

// Text field
TextField tf = new TextField("Some input");
tf.setImmediate(true);
tf.focus();
layout.addComponent(tf);

// Button
Button b = new Button("Click me");
b.addListener(new Button.ClickListener() {
    public void buttonClick(Button.ClickEvent e) {

        // TODO: Process
        getWindow().showNotification("Processed: "+tf.getValue());

        // Session invalidation
        Application app = _w.getApplication();
        WebApplicationContext ctx = (WebApplicationContext) app.getContext();
        HttpSession session = ctx.getHttpSession();
        session.invalidate();
    }
});
layout.addComponent(b);

Untested, but at least the concept should work.

Also note that there is
Application.Close()
Application.Close() method to invalidate single application instead of the whole session.

Thanks for the reply. This is similar to what I am currently doing, but as soon as the session is closed all data in the GUI is lost. For instance in your example the notification never gets shown and the text field is cleared as soon as the button is clicked.

I guess I want to have my cake and eat it too. That is, no session (or very short lived session) but keep the GUI state after the user clicks the button.

I just can’t seem to find a way to close the session but keep the gui state though. Is it possible, or am I on the wrong track?

If not possible, can I make the session time out without warning the user about it? I want session state to be completely invisible to the user. (e.g no login, etc… my requirements are very simple)

Thanks!

Hmm… I didn’t see this coming, but I don’t argue. :slight_smile:

I was reasoning that the event request/response gets handled and the message is shown before the http session actually gets invalidated (the next event request will of course fail). Well, it seems that the client-server communication manager is not designed for this and might be too unpredictable for this kind of hack…

Yes. Vaadin applications are stateful applications. The application and it’s UI state is in practice stored in the session, so without it the application UI cannot exists.

I mentioned the other way of calling Application.close(). That closes the application (invalidates the application instance, but not the whole session) and forwards the user to predefined logout URL. Anyway, in this case you must also first complete the user interaction before closing the application, but you have a little more control what the user sees after this “automatic logout”.

And one more question: Why are you concerned about the lingering http sessions? I think that it is possible to build the application so that user never “sees” the session. I guess that in some way you still want them to see the state - otherwise you are talking about a single http request-response cycle and for that a jsp page or a stateless servlet may be more suitable option.

Yes, a simple http request-response cycle is precisely what I’m after. The application doesn’t really have a need for the notion of login/logout. The user enters a few pieces of data, clicks a button and gets a result.

I realize a jsp page might be more suitable for this, but I would love to have access to Vaadin’s great UI components and easy development model :slight_smile:

I totally understand your eagerness here. I do that too. :slight_smile:

However, you’ll have to be ready for some trade-offs in situations like this, and kind of “program the statelessness back to the application”.

I think that having a short session timeout or some extra user initiated (or automatic) event that can triggers the session invalidation shortly afterward are some options (this is actually what I first suggested, but within the same http-cycle it was too soon).

Also you might consider using the ParameterHandler or URIHandler to reinitialize the UI on every page request.

Any of these does not actually make it stateless, but from the users point of view it will mostly look like it. And the user experience is what you want to focus on, right? :slight_smile:

If I understood the need correctly, you might just be able to do something like this at the same time you’re updating the UI:


((WebApplicationContext)getApplication().getContext()).getHttpSession().setMaxInactiveInterval(1);

…that would make the session expire after one second of inactivity.

Note however that pressing a button after that will produce a ‘session expired’ message unless you turn it off. Reload will work as expected, though.

The bottom line, however, is that you can not close the session AND maintain state - you can only show the last state, but it’s not actually maintained, and the user can not continue from that state.
So if you want to do it this way, you should make sure the result page contains no inputs (textfields, buttons, …), only static information and a ‘back’/‘again’ -link that reloads the application.

Best Regards,
Marc