Friday, 9 July 2010

Concurrency problems in jsp Pages

I'm so ashamed that I didn't notice this problem sooner, but apparently servlets (and, therefore, jsp pages too) are instanced and put into a pool for multithreaded use.

This has the very bad effect of messing with your class variables.

So, do NOT do the following:

<%!
// authentication && authorization

/* name of the current user logged in */
private String itsPlayerName;

private Logger itsLog = Logger.getLogger("mmud");
 
/* password of the current user logged in, unsure if used */
private String itsPlayerPassword = "";
 
/* sessionid/cookiepassword of current user */
private String itsPlayerSessionId;

private StringBuffer contents = new StringBuffer("");
%>

A JSP page is by default thread unsafe. This means that multiple requests, started in multiple threads for a specific JSP access the same Instance.

Do not make your JSP page threadSafe="true". It will become a performance nightmare.

If you are interested, the following is put in the javadoc of the javax.servlet.Servlet interface service method:

Servlets typically run inside multithreaded servlet containers that can handle multiple requests concurrently. Developers must be aware to synchronize access to any shared resources such as files, network connections, and as well as the servlet's class and instance variables.

Posted by at No comments:
Labels:

How to Transmit New Objects To REST Service

One of the reasons for adding this, is because there was a huge lack of POST/PUT/DELETE/HEAD examples out there, and I thought I should do my part. Although the principles are the same as with GET.

I've been at it for some time now, and for some reason there always seem to be one or two things that go wrong when creating a new REST Service, even though I've created a working REST Service not two days ago. That in itself is kind of frustrating.

Check out Japod's Blog for starters. In order to use more complicated Data Structures in REST, these need to be defined in a derivative of the JAXBContext class.

Personally, I really don't understand why that same cannot be done using simple Annotations, but that's just me.

Then there's the security issue. How to see who the person is that is accessing the webservice. Luckily, I found me some help here.

There seems to be some confusion regarding the mapping of the HTTP calls3, which I've tried to put in the picture above.

Updated 14/09/2014.

References

[1] Why PUT and DELETE?
http://www.artima.com/lejava/articles/why_put_and_delete.html
[2] rfc2616
http://www.ietf.org/rfc/rfc2616.txt
[3] Wikipedia - Representational state transfer
http://en.wikipedia.org/wiki/Representational_state_transfer#Architectural_constraints
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)