Hi,
We ran across an interesting problem with sessions being automatically saved by Transaction.py. We had a situation where two AJAX requests were issued and one of the requests updates the session and it started and completed within the lifetime of another request. In that scenario the completion of the first request overwrites the session and the changes to the session made by the shorter request are lost. 

Here's an easier to follow timeline:
Request 1 - reads session (assume session is empty)
Request 2 - reads session (assume session is empty)
Request 2 - adds data to session
Request 2 - sleep() called - session is stored (session contains data)
Request 1 - sleep() called - session is stored (session is now empty - the value of the session when Request 1 read it)

So when later requests go to read the data stored in the session by request 2 the data isn't there.

Here's the code from WebKit.Transaction:
def sleep(self):
"""Send sleep() to the session and the servlet.

Note that sleep() is sent in reverse order as awake()
(which is typical for shutdown/cleanup methods).

"""
self._nested -= 1
self._servlet.sleep(self)
if not self._nested and self._session:
self._session.sleep(self)
self._application.sessions().storeSession(self._session)

We put a hack in the longer running AJAX page's sleep() to keep the session from being stored since it doesn't modify the session:
def sleep(self, trans):
    trans._session = None

Is there an official way to disable the automatic storage of sessions?

If not there are a number of ways to resolve this problem more generally:
- Explicit session saves by servlet - Transaction never calls storeSession()
- Explicit opt in/opt out of session storage by servlet
- Explicit opt in/opt out of session storage by AppConfig
- Extend Session functionality to keep a "dirty" flag and only automatically save the session if it has been modified during the request/response.

IMO Webware shouldn't be saving the session automatically at the end of each request. I'd rather the servlet logic explicitly decide when and if to save the session, but this would break backward compatibility. I'd be happy to supply a patch if we can decide on a way forward.

Best Regards,
Steve
Blog: http://tech.agilitynerd.com/