views:

159

answers:

1

What's the best way to persist user state with Tomcat/Scala? My first thought is to keep account information on the session at all times and redirect the user to a login page if there's no information on the session for the account. Is this a viable model, or is there a smarter way of persisting user information? I'm trying to replicate a basic shopping cart site, and I'm just thinking through the problem right now.

+2  A: 

There are many ways to skin this cat. You could store your information in the session, provided that your objects are light weight enough (and your traffic volumes are low enough). This is probably the easiest solution but you may run into difficulty when you need to scale or cluster.

From experience the Tomcat scaling, clustering, db session store, etc. didn't work very well for me.

Another way would be to manage your own token with a cookie. You then store the actual information for a given user token on the server. The most naive implementation would simply have an in-memory Map but this will have the drawback of loosing all the data when you restart the app.

You can persist the information to database and do a lookup with the user token on every request (perhaps with some caching strategy). This also allows you to scale to multiple app servers without too much concern around clustering - each instance simply looks up the user token and does a lookup request on the shared database.

If you wrap the actual implementation behind a nice interface you could start with the easy/cheap session solution and gradually move to a more complex implementation if you need to later. One caveat is that you'll have to take extra care not to leak servlet specific information into the interface on your first implementation.

leonm