Issue Details (XML | Word | Printable)

Key: MULE-3894
Type: Improvement Improvement
Status: Closed Closed
Resolution: Won't Fix or Usage Issue
Priority: Major Major
Assignee: Dan Diephouse
Reporter: Travis Carlson
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
Mule

Sessions in Mule do not really behave like sessions

Created: 28/Oct/08 01:16 PM   Updated: 25/Nov/08 06:19 PM
Component/s: Core: (other)
Affects Version/s: 2.1.1
Fix Version/s: None

Time Tracking:
Not Specified

Issue Links:
Block
 
Related
 

Labels:
User impact: Medium
Effort points: 1.5


 Description  « Hide
A new instance of DefaultMuleSession is created upon each incoming event. I would expect a Mule Session to work like an HTTP Session where the session is a "conversation" with Mule consisting of several events correlated by a SessionID. Active sessions would need to stay in a cache until they expire. In regards to security, this means that a user would only need to be authenticated once per session.

 All   Comments   Work Log   Change History   Transitions   FishEye      Sort Order: Ascending order - Click to sort in descending order
[ Permlink | « Hide ]
Andrew Perepelytsya added a comment - 28/Oct/08 01:42 PM
My understanding was the opposite - sessions span multiple services during the flow, but they do not outlive connections.

[ Permlink | « Hide ]
Travis Carlson added a comment - 28/Oct/08 01:57 PM
Right, that's how they currently work, but that's what HTTP refers to as the request context, so maybe there's a confusion in terminology here. At any rate, I think something longer-lived would be useful in certain applications (security, BPM), regardless of what we call it.

[ Permlink | « Hide ]
Ross Mason added a comment - 04/Nov/08 01:15 PM
Http session should behave as normal. the difference is that the HttpClient knows it needs to pass back the Session info (stored in cookies).

[ Permlink | « Hide ]
Ross Mason added a comment - 18/Nov/08 04:36 PM
Just to be clear, Mule should not cache sessions, rather session info should be serialised with the current message and it is up to the client to ensure that the session info is passed back. This is how HTTP works and Mule should follow suit.

[ Permlink | « Hide ]
Ross Mason added a comment - 18/Nov/08 04:36 PM
Dan, can you pick this up as part of the Acegi work?

[ Permlink | « Hide ]
Travis Carlson added a comment - 24/Nov/08 01:14 PM
After reading Ross' comments, I think I understand how sessions are supposed to work now, but I have created MULE-3982 for at least making this easier to understand (and making sure it works, as well).

[ Permlink | « Hide ]
Travis Carlson added a comment - 24/Nov/08 01:15 PM
Closing this since it apparently works as designed.


Powered by a free Atlassian JIRA open source license for MuleForge. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13.1-#333) - Bug/feature request - Atlassian news - Contact Administrators