Using Cayenne Servlet Filter can bring the web application down

From: Borut Bolčina (borut.bolcin..mail.com)
Date: Mon Sep 14 2009 - 04:07:04 EDT

Next message: Michael Gentry: "Re: Using Cayenne Servlet Filter can bring the web application down"

Previous message: Nishant Neeraj: "Re: Sorting and Pagination in Many-to-Many relationship"
Next in thread: Michael Gentry: "Re: Using Cayenne Servlet Filter can bring the web application down"
Reply: Michael Gentry: "Re: Using Cayenne Servlet Filter can bring the web application down"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

I think web developers should be given an advice at
http://cayenne.apache.org/doc/web-applications.html that if using Cayenne
Servlet Filter the web application can be brought to a halt if a malicious
user sends lots of cookie-less requests (every request bounds data context
to a new session). We were testing our app with JMeter and found out we can
not afford to use filter approach.

It would be of most value if some debates from the mailing list about how to
use DataContext based on different web application needs would be at the
http://cayenne.apache.org/doc/obtaining-datacontext.html. What I have in
mind is a tiny cookbook, just two or three recipes, on why it is good to
gave one data context shared for all users, some data context created for
each request, some saved in the session, when not to put dc in the session
etc.

Should I open an issue in the JIRA?

Cheers,
Borut

Next message: Michael Gentry: "Re: Using Cayenne Servlet Filter can bring the web application down"
Previous message: Nishant Neeraj: "Re: Sorting and Pagination in Many-to-Many relationship"
Next in thread: Michael Gentry: "Re: Using Cayenne Servlet Filter can bring the web application down"
Reply: Michael Gentry: "Re: Using Cayenne Servlet Filter can bring the web application down"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2.0.0 : Mon Sep 14 2009 - 04:07:49 EDT