mmmm ... sounds a bit over-complex...
Do you have any other suggestions then? Should I put my sensitive information in the HttpSession by hand?
Another extension to Seam could be to keep SESSION components on the server just like PAGE components always are on the client.
Why do you want to use client-side state saving?
To keep the server as light as possible. With large tables and many users I really don't want to keep all that state on the server if that can be avoided.
Serializing back and forth between the browser and the server is usually much *more* load than keeping state on the server. You realize that server-side state can be passivated, right?
(Have you done performance tests?)
Sorry I haven't done any performance tests with JSF or Seam but you are probably right - server side is much better in just about every situations.
My suspicious attitude in this case is biased by prevoius experiances with (mainly proprietary) frameworks that took tremendous performance hits with many users and server-side state.
With modern techniques this might just not be problem any more.
Well, you should always be careful to not use *too much* conversational state. Too much useless garbage is gunna kill you with too much serialization/memory consumption however you slice it.
But as long as you are careful, and tune your session and SFSB passivation policies well, you should be fine.
But what if I want to use the myfaces implementation of JSF??
As stated in the docs (http://docs.jboss.com/seam/reference/en/html/configuration.html):
If you are using Seam in Apache MyFaces (and possibly some other JSF implementations), you must use client-side state saving. So you'll also need this in web.xml:
<context-param> <param-name>javax.faces.STATE_SAVING_METHOD</param-name> <param-value>client</param-value> </context-param>
Or is the doc behind the current state of the Framework?
This comment refers to state saving of the *UI* state, not the model state.
And, if you use the current CVS unreleased version of MyFaces, they have fixed a bug so that this is no longer a requirement.