Introduction
The Web session (or http session) used to save the context of a Web application between a client and the application server can, in certain cases, be shared between multiple clients. This shared utilization can sometimes cause edge effects and abnormal behavior.
For example, all the tabs in an instance of the IE7, IE8 and Firefox browsers share the same Web session. Similarly, all instances of the IE8 browser or the Firefox browser share the same Web session by default.
To counter this problem, a "protected mode" has been introduced so that each browser instance+tab pair can use a dedicated Web pseudo-session.
The main principle behind protected mode is to add prefixes to the attributes stored in the Session implicit object. These prefixes are built in the form "psh<ClientSessionId>_". Each client has its own <ClientSessionId>, which is issued by the server when the client submits its first query.
In protected mode, this results in a Web pseudo-session (or http pseudo-session).
All Web pseudo-sessions relate to the same Session implicit object, with the prefixing system enabling the various clients to be dissociated from one another.
Protected mode applies to the following contexts:
Adelia 4GL Instructions
In protected mode, Adelia instructions that refer to the Session implicit object [i.e. GET_CTX, SET_CTX, DELETE_CTX and FREE_SESSION] now refer to the Web pseudo-session rather than the Web session.
To refer to the Web session, you must now use the 'global_session' level, for context instructions, and the *ALL(GLOBAL_SESSION) directive for FREE_SESSION instructions.
The VaToolBxAwsGetPseudoSessionId and VaToolBxAwsGetPrefixHTTPSession VaToolBx functions can now be used to retrieve the Web pseudo-session's ID and prefix, respectively.
These two functions return a *BLANK string if protected mode is not enabled.
Visual/Web Debugger
Protected mode also applies to the Adelia debugger: it is now possible to attach to a Web pseudo-session. To do this, simply identify and then select the row that has the right session ID and the right prefix.
Enabling protected mode
In order to be able to use protected mode, the Web application must have been generated entirely with Adelia Studio version V11 PTF03 or above. In addition, a SESSION_MODE key must be created (with the value set to 1) in the Web application's CfgConfiguration.properties file.
URL & Web pseudo-session
When a Web pseudo-session has been initiated and a JSP page generated with Adelia Studio must be accessed directly via a URL, the page can be assigned the Web pseudo-session's ID in order for it to remain in the same execution context.
This ID is set as the URL's final parameter (named AdeliaKeyClientId).
Example:
• If the URL already has one or more parameters:
...&AdeliaKeyClientId=<IdValue>
• If the URL does not yet have any parameters:
...?AdeliaKeyClientId=<IdValue>
Session Preparer and Pool Name
You can enable a specific session preparer (or specific session pool) by using the AdeliaKeySessionPrepName (or AdeliaKeyPoolName) attribute to assign a value to the Session implicit object.
It is not possible to set a value for these attributes from a front-end JSP page that was not generated for a Web pseudo-session using Adelia Studio. This is because the pseudo-session ID has not yet been created. It is possible, however, to create these attributes from a front-end JSP page generated with Adelia Studio using the SET_CTX instruction with the "session" level.
In protected mode, the system searches for the AdeliaKeySessionPrepName and AdeliaKeyPoolName attributes in the pseudo-session first, and then, if the search is unsuccessful, in the Session implicit object. This means that it is possible to use a dedicated session preparer (or a session pool) specified from a front-end JSP page that was not generated with Adelia Studio.