4

I want to implement following solution (described in a image) using Java Web Services

enter image description here When ever a user request with a valid credentials using web services , a session is created over server and that server (who receives the request ) creates a connection with the other server i.e. Meta Trader's Server.

Here each user has a different session to maintain their connection and a state with meta trader server.

Note: Currently i am not maintaining any session when a user request instead i am saving the connection object in a 

  @javax.ws.rs.core.Context
  ServletContext servletContext;

  MyApplication application = new MyApplication();
  servletContext.setAttribute("application", application);

But this solution doesn't serve multiple users naturally. so please anyone has an idea how to solve the issue of serving multiple clients then please reply.

I am using Glassfish and JAX-RS ( Jersery 1.1 ) , JAXB

Hunt
  • 8,215
  • 28
  • 116
  • 256
  • Just a comment, I'd never use sessions in conjunction with web services (RS, WS-*). It does not scale and is painful in operations. – home Aug 27 '11 at 13:59
  • @home so what would be the other alternative , how would i expose the data by web services. You can see the Betfair APIs they have webservices exposed with the user sessions – Hunt Aug 27 '11 at 15:04
  • My comment is just based on personal experience. If APIs out there use server-side session state it seems to work for them. In general I prefer to maintain the state on the client, so resubmit it on each call (given that state is required at all). – home Aug 27 '11 at 15:33
  • @home , at user side i have rich user interface implemented , so how would i maintain the state at client side ? – Hunt Aug 28 '11 at 04:29
  • you could maintain it in JS variables - neverthess, this may not work if the user does a full page reload (e.g. perssing F5)... – home Aug 28 '11 at 11:28
  • Okay , but this will create a problem for me , i got to find something to implement this solution – Hunt Aug 29 '11 at 13:03
  • You can maintain session explicitly if use servlet/JSF and get better outcome than JAX-RS which is used frequently with stateless nature. I faced your case and ended up using JSF and then Spring controllers to keep session – Muhammad Attia Feb 04 '20 at 15:03

1 Answers1

3

Simply use the annotation @javax.ws.rs.core.Context to get the HttpServletRequest and use its session within the container in which Jersey is deployed.

The code below is a simple example of a jersey resource that gets the session object and stores values in the session and retrieves them on subsequent calls.

@Path("/helloworld")
public class HelloWorld {

    @GET
    @Produces("text/plain")
    public String hello(@Context HttpServletRequest req) {

        HttpSession session= req.getSession(true);
        Object foo = session.getAttribute("foo");
        if (foo!=null) {
            System.out.println(foo.toString());
        } else {
            foo = "bar";
            session.setAttribute("foo", "bar");
        }
        return foo.toString();


    }
}

But you should NOT use RESTful API like this. It meant to be used as web service which is stateless, not web application. Check the following answers which I got the example and advice from

(jersey security and session management)
https://stackoverflow.com/a/922058
https://stackoverflow.com/a/7752250

(How to manage state in JAX-RS?)
https://stackoverflow.com/a/36713305

(Get ServletContext in JAX-RS resource)
https://stackoverflow.com/a/1814788

Anddo
  • 2,144
  • 1
  • 14
  • 33