4 Replies Latest reply on Oct 20, 2010 6:55 PM by Jozef Hartinger

    REST, Weld and stateful apps

    Cloves Almeida Newbie

      I'm planning to build a e-commerce like app, but using a REST interface, so that the web-designers have full freedom in creating the front-end.


      I thought of using RESTEasy and Weld, but then I'm wondering on how to best solve the stateless/stateful issue. Even if not pure REST, I need to work with SessionScoped objects for stuff like authentication.


      I believe the best approach would be to:


      1) Catch the JSESSIONID param in the Stateless REST service bean.
      2) Activate the corresponding HTTP session.
      3) Work with the correct session-scoped bean instance (i.e. loginService.getCurrentUser() would return the expected user)


      Now the question is: How do I activate the session prior to bean injection?

        • 1. Re: REST, Weld and stateful apps
          Jozef Hartinger Master

          You do not need to do this programatically. By default, stateless requests do not create an HTTP session. However, if your service invokes a @SessionScoped component, a new session is created and a matching Set-Cookie response parameter sent with the response. On the client side, you use the cookie value to connect to the session in the following request. Again, you do not need to catch the JSESSIONID parameter on the server. This is done automatically.


          To sum it up, all you need to do to carry a state across multiple requests is to place @SessionScoped on your JAX-RS resource.

          • 3. Re: REST, Weld and stateful apps
            Nicholas DiPiazza Novice
            I have a session scoped bean and I'm not able to keep session for authentication.

            I have <resteasy:application destroy-session-after-request="false"/> set in my components.xml file.

            Why is my session lost in between each invocation?

            My code is below.


            @Scope(ScopeType.SESSION)
            @Transactional
            public class MyClass {
            @In(required=false) private User currentUser; // don't have to be logged in to use this class
                /**
                 * Do the login as a REST service.
                 */
                @GET
                @Path("/doLogin")
                public String doLoginRest(@QueryParam("userId") String userId, @QueryParam("password") String password) throws IOException {
                    Credentials creds = identity.getCredentials();
                    creds.setUsername(userId);
                    creds.setPassword(password);
                    identity.setRememberMe(true);
                    Context session = Contexts.getSessionContext();
                    currentUser = (User) session.get("currentUser"); // This at this point is NOT null, login worked!!!
                    return identity.login();
                }
                /**
                 * Test if the login worked
                 */
                @GET
                @Path("/testLogin")
                public String doTestLogin() {
                    Context session = Contexts.getSessionContext();
                    currentUser = (User) session.get("currentUser");
                    return ""+(currentUser != null); // This is false everytime
                }
            • 4. Re: REST, Weld and stateful apps
              Jozef Hartinger Master

              Your question is related to Seam 2 whereas this is Weld forum. Anyway, I think the problem in your code is that you are not pushing the user to the session anywhere. Try using this:




              @In(required=false) @Out(required=false) private User currentUser;