On Thu, Mar 3, 2011 at 9:28 AM, Christoph Zwerschke <cito@...> wrote:
> IMHO the most simple solution would be to keep a "dirty flag" (set
> whenever __setitem__ or __delitem__ is called for the session) and then
> save the session only when the dirty flag has been set. This will also
> be good for performance. We could also add an AppConfig setting for
> manual saving (False by default to maintain backward compatibility). In
> this case, the dirty flag would not be set automatically, but by calling
> a save() method on the session.
> But I'm already seeing a problem with that approach: Since the
> lastAccessTime is stored along with the session, it will not get updated
> if the session is not saved, so the session will expire too early if the
> user does not do anything that alters the session.
I kind of don't care if the lastAccessTime isn't updated in this session
saving "mode". We use very long session expiry times so if a "read only"
user had to relogin a little more frequently I don't think it would be an
issue that anyone would notice. Also for our system at some point they will
perform an action that modifies the session.
Since this is a new feature which Webware users would have to turn on I'd
recommend we do "the simplest thing that works" and provide a new config
setting for Sessions that takes multiple values:
"EveryRequest" - default and current functionality
"WhenChanged" - only saves when add/delete has been called