Thursday, May 3, 2012

Bad Practice for Session Scope Access in ADF BC

Few months back I had a blog post which started discussion in ADF community - if its good or bad practice to access Session Scope in ADF BC - How to Access Session Scope in ADF BC. In this blog post I was describing ADF public API method which gives access to the Session Scope object in ADF BC. Is it good or bad practice? Well - there always must be common sense, when thinking about architecture. I believe its Ok to access Session Scope object in ADF BC in exceptional cases, but this should not become a rule. If to be more precise - you can access Session Scope in ADF BC, if this will not violate MVC pattern (if you still will be able to run ADF BC separately, without ADF UI present). For example, you need to access current Web client IP info, etc.

In this post I would like to show one of many scenarios, when you should avoid accessing Session Scope in ADF BC - SecurityFormLogin_v4.zip.

Application Module Implementation class contains two methods:


First method gets parameter from Session Scope. Second method gets parameter from function argument. Both methods execute View Criteria and initialize Bind Variable value from input value.

Second method is not accessing Session Scope, but rather gets input value from function argument:


Both methods are exposed through Application Module interface:


In Login bean, Session Scope variable - "depName" is initialized with value "A". This value will be accessed from first AM method:


Second method gets parameter declaratively, through ADF bindings - because it accepts function argument:


From ADF UI both methods work great - results returned are correct:


Both methods initialize Bind Variable, search is executed:


If you try to test first method from ADF BC tester - you can't. MVC pattern is violated, you can't set input argument value - Bind Variable will not be initialized:


Be very careful, when you are accessing Session Scope directly in ADF BC. While it works, it always will be quick and dirty type solution - you may pay expensive price for it in the future.

7 comments:

Raghuraman said...

I believe I do a safe way to pass session scope values to model layer. I have custom JU Application class. Thats the place where we can access both Application module and http session. I always get my put my objects in a collection object and keep it in http session. I pass the reference of this collection to Application module's user data!!

Andrejus Baranovskis said...

Hi,

I think you should read this post more carefully. Its not about the method how you access Session Scope - its about that you should never do it, unless for exceptional cases. Because when you use session scope variable data in ADF BC, it breaks ADF design conception.

Regards,
Andrejus

drtodor said...

Andrejus,
I was wondering what would you do in the following scenario: When our user logs-in into the system, after the authentication, we read about 50 parameters related to this user. In old design, we stored those params into the HTTP session. Mostly we used these parameters later on to render certain components in various pages using EL. But also we used some of these params to setup some VOs. Any input is appreciated.

Andrejus Baranovskis said...

Hi,

I would store all those parameters inside VO row, and declare this VO inside Shared AM. This means it will be accessible across entire system.

Andrejus

Anonymous said...

Dear Andrejus,

Exactly what i have been looking for !!! I have been scratching my head for quite some time
https://forums.oracle.com/forums/thread.jspa?threadID=2396615&tstart=0

Can you just put a blog on what exactly you meant in your reply to drtodor.

thnks

Andrejus Baranovskis said...

Hi,

Yes, sounds cool :)

Actually I already posted blog solution in reply. Here you can read it and download solution source - http://andrejusb.blogspot.com/2012/05/solution-for-sharing-global-user-data.html

Enjoy.

Andrejus

Anonymous said...

thnks. I read it failed to understand it was in response to drtodor's post.

dumb. Let me go through it again.

Thanks a ton again