I have searched a lot on stackoverflow questions but I couldn't find the solution that fulfill my requirement; if any one known about reference that exactly match my requirement please comment otherwise answer it.
I am developing Enterprise application using Spring Framework in team, I have successfully integrate the "JMS" using ActiveMQ in application.
In this application User A send message to User B if user B is online otherwise not!
My Question is that how to check that User B session is live or not before user A message send to User B
Thanks In advance
Yasir Shabbir
it depends how you make communication with user B.
use web sockets to make push notifications to verify the status and push messages to user B.
client can regularly poll the server to get data if arrives from any user (in this case user A). if user B is online then only yhe polling can happen so it would be like user B gets a message from user A when he's online.
You need something that monitor the users http session.
The simple approach is to have a Map or Set. Put the usersId (or what ever you use to identify them) in that Map/Set when ever they login, also put hat Id in the Session. Then use a HttpSessionListener to get notified when ever a session get destroyed (that is the closest thing to SessionTimeOut you will get). When the Session gets destroyed the remove the userId from the Map/Set.
(BTW. there is a new Spring Project: Spring-Session, I did not have a look on it up to now. Maybe it contains support for that problem.)
An easy way if you have a small number of clients is to use request-reply over messaging in conjunction with topics. Have all user sessions listen to topic (pings or similar). When a client wants to see who is online, they send a message (the contents of the body don't matter) and set the JMSReplyTo and JMSCorrellationID headers to identify a temporary queue that they are listening to for replies. The listening parties will pick up this message and all send back a message containing their ids. That way you have a living cache on the sender as to who is currently "online", the cache should expire every couple of seconds.
Take a look at http://activemq.apache.org/how-should-i-implement-request-response-with-jms.html
Related
I have Spring WebSockets configured and working. Clients subscribe to a specific topic (e.g. /topic/contract/contract_id) and whenever there's a message for that contract/topic, they receive it.
The issue is that certain types of messages being sent to this topic are sensitive and should only be received by some clients, but not others. So I need to analyze a message that's being sent when it's being sent, the clients that are subscribed to receive it, and let it through for some clients but not for others. Is there a way to do this in Spring WebSockets?
It sounds like you are using Pub/Sub pattern. I am no expert on Spring Web Sockets, but it sounds like a dilemma on a higher abstraction and not on the level of data transmission.
There are two things you can do:
Either disallow specific clients to subscribe to the channel at the first place, but it sounds like some messages are sent through, some are not. Hence I'd recommend the second option:
Maintain public (group like) and private channels.
In the first case just intercept the end point or service that is being called during subscription, and throw a Security exception or communicate somehow disallowed join.
In the second case, have a unique strong id for the channel name, that is known only to those who concerned, and they can listen to private messages.
I had experience with the second case and it worked perfectly, although we had no critical information as it was part of a game, so only one player can receive that message and not the group.
My target is to build an MQTT publish/subscribe like service by only exploiting Elasticsearch.
The case study scenario I would like to implement is this:
User A create a message (document) inside the Elasticsearch index
User B is warned and updated about the new message on the index.
I'm using plain java clients, since in Android I can't use the High Level Elastic search client.
I have everything that allow me to send and read documents from the ES index, but I would like to find the best way to implement a subscription service for User B, without forcing him to poll for updates every few seconds.
About this I don't know where to start. I didn't find any trigger/websocket service available in ES. Please help with some ideas / documentation.
You can use Elastic Search Watcher to trigger an action when a specific condition is met. An example use case is if you ingest live data from Meetup.com in your Elastic Search instance and want to receive email notifications about events you might be interested in.
For your specific use case, you could create a watch that triggers when User A adds a document in the index. The watch action could be to send an email to User B or call your own API in charge of notifying all users that have subscribed to User A (see Webhook action).
I haven't tried it myself, but this seems like a good place to start.
I am creating an app store for digital services. I want the user to be able to choose multiple products with different quantity before confirming the order and pay for the services. This requires that something keep state. From REST Wikipedia:
Each request from any client contains all the information necessary to service the request, and session state is held in the client.
I got state that I need to keep somewhere, and I also have a flow. The flow I can mange, but it is the state that I don't understand how and where I should store. The user may add several products to a shopping cart before checking out.
I have thought of a endpoint like this where you post a cart-item object each time you want something.
POST /shopping-cart
But I shouldn't use HTTP sessions if I understand it right? I have seen someone saying to store it in database but would you use a in memory database then? When should i flush the database if the user doesn't confirm and pay? I could need some input on what I should do to keep it simple and RESTful.
I am using Spring 4.x and Java EE for the record.
But I shouldn't use HTTP sessions if I understand it right?
Correct.
I have seen someone saying to store it in database but would you use a in memory database then?
You should keep in in a disk-storage database. This allows you to add nodes to your server without having to worry about routing all requests from one client to the same node.
When should i flush the database if the user doesn't confirm and pay?
That's a business decision.
I'm implementing a dynamic notification system (a la Facebook) for my website with the help of the Servlet 3.0 API. My planned structure to support this functionality is:
On each page load, send an XMLHTTP "get"
request to the server
Allow the server to create AsyncContext objects
from these "get" requests and store
them in an application-scoped map
keyed by the user's website ID
Whenever a user engages in an action
that spawns notification, query the
application-scoped map for IDs of
the user's friends, and using the
AsyncContext objects stored there, send
the notification to each friend.
Each of the friends receive the
notification.
My question is: is it necessary to make this map thread-safe? In the worst case scenario, a function acting on behalf of the "notification-sending-user" would send the notification to a stale async-context in the map, either because the user is it corresponds to is currently switching pages and has yet to send a new XMLHTTP request, or has logged out.
On each page load however, I also have code to retrieve all notifications in the database newer than the "last checked date", so on page load, notifying the user doesn't rely on the dynamic notification system. So, the user will still get the notification if he is switching pages (and obviously the concept of notifications is not relevant if the user logged out).
Given this information, are there any scenarios that would require the map to be thread safe?
You might not need exact consistency.. but you still don't want ANY threads reading to a normal hashmap while it is being written to (an add could cause a rehash and put the getting thread in an infinite loop).
Also, this plan won't scale super well past 1 server. If that is OK.... just use a ConcurrentHashMap.
I've been always trying to avoid using Sessions. I've used spring security or other ways of having user logged in the application, which is I suppose the major use case for using Sessions.
But what are the other use cases ? Could you please make a list of those most important ones ? How come that I've been able to develop even complicated applications without using Sessions?
Is it because I'm using spring-mvc and using Sessions is practically not needed except the login stuff ?
EDIT: Guys this question was asking for use cases... Most of the answers explains what are sessions for. If we summarize some usecases, we can say for sure, when to use database or sessions for maintaining conversation state...
Don't you remember any concrete scenarios you needed sessions for? For past years :)
for instance some conversational state may become persistent after some point / event. In this case I'm using database from the beginning.
I think you can do anything you want without storing anything on a sessions.
I usually use the sessions to avoid having to pass state between the client and server (used id as an example) and when I don't want to send sensitive information to the client (even in encrypted form) as it might be a security problem.
Other ways of avoiding using the session are:
store some state on a database, e.g. shopping carts, instead of in the session, even if the cart is discarded after a certain amount of time.
store state in cookies e.g. for user customization
One use case when it's really useful to use the session is for conversations, although usually frameworks manage that behind scenes, and store the conversation in the session.
edit
Converstions (in my understanding) are something like wizards, in which you complete several forms in different pages and at the end you perform the action. e.g. in a checkout process, the user enters his name, shipping address and credit card details in different pages, but you want to submit the order just at the end, without storing any intermediate state in your DB.
By sensitive information I mean, imagine in the previous example, once the user sent his credit card details, you shouldn't return that information in any format (even encrypted) to the user. I know it's a bit paranoid, but that's security :).
In the ecommerce system i'm working on, there is an external system at the back-end which stores users' saved shipping and billing addresses. Our web app talks to it by making web service calls to retrieve those addresses. When we get the addresses, we store them in the session. That way, we only have to call the service once, when the user firsts looks at their addresses, and not every time we serve a page which needs address information. We have a time-to-live on the addresses, so if the addresses change (eg if the user telephones the customer service desk to change an address), we will eventually pick up the fresh ones.
It would be possible to store the addresses in our database, rather than in the session. But why would we? It's transient information which is already stored permanently somewhere else. The session is the ideal place for it.
Well in one sense your question is deep (what's SPECIAL about a session is worth knowing) and in another sense it's shallow (what can't I do if I don't use them turns out to be a somewhat odd question)
In the end a Session is merely (or could be) a ConcurrentHashMap (in fact it usually isn't that threadsafe) with a a key of unique session id passing as the cookie. You know why it's useful, but to answer you for use cases
clustering (this is how state gets distributed across nodes)
caching general state of the user and their objects (as opposed to reloading from db each time)
built in methods for sessionlisteners to watch when someone is timed out, or attributes change.
= used for by a lot of localization utilities
Can you do all this with a database or your own hashmap implementation/filter? Of course, there's nothing magical about Sessions. They are merely a convenient standard for having some objects follow a logged in user and be tied to the lifetime of that user's use of the application.
Why do you use Servlets? You could also implement your own socket level standard? The answer to that is using standard apis/implementations provides convenience and other libraries build upon them.
The cons are
you are reinventing the wheel and some code that has been time tested
you won't be able to use a lot of built in facilities for monitoring/managing/clustering/localizing etc.
Sessions are one way of maintaining conversational state across multiple requests (e.g. multiple stateless HTTP requests.)
There are other ways of implementing conversational state, for example, storing an authentication token or some suitable conversation id as a cookie and maintaining a store of conversation id to session state. (In essence, duplicating what the app server is doing when it provides sessions.)
That you haven't needed to use sessions means that your application either doesn't need conversational state or you've implemented it in a different way. For example, perhaps your application uses an authentication token (say a cookie) and persists all state changes to the database. With that kind of arrangement, there is no need for a conversation state.
Hi you can take an example of shopping cart because since Http is stateless protocol it does not maintain the status of the user who sends the request.
For e.g.
If one user sends a request to buy camera from say eBay and after some minutes another user sends a request to buy laptop.
But since http is stateless protocol so server is not able to separate the request send by the users and may it happen that the bill of the laptop may be given to first user.
So through session we can maintain a particular entity over the server side for a particular user.