WDYT ?
An other solution, I used it (with Wicket) for same purpose : using a ajax code that call the server and keep the session alive.
Do a try by adding the Clock sample into your page, then you could use this feature to auto-save draft version.
WDYT ?
> formCurrent.openOr (new Email).toForm(...)
>
> Or, other ideas?
>
> (*) - Aside: does the input param name randomization help a lot? I
> can think of this: it prevents kiddies from copy-&-pasting direct view-
> source HTML forms for nefarious purposes. But, it (or any other
> system) can't prevent any evil client code that bothers to pretend to
> be an end user browser.
>
> Thanks,
> Steve
>
> >
--
_____________________________________
/ \
/lift/ committer (www.liftweb.net)
SGS member (Scala Group Sweden)
SEJUG member (Swedish Java User Group)
\_____________________________________/
Interesting problem... and probably post 1.0.
It seems to me the only options are:
1) Push more data into the form and out of the server-state closures
(and hurt the security lift enables).
2) Have per user stores that durably survive sessions (and hurt
performance/scalability)
The closures on the server-side enable three features (right?):
* security
* efficient async (comet) interactions
* and long running stateful sequences (wizards)
DavidP, can you explain the security benefits in a little more? In the
case of a simple form (not comet and not a wizard) how much benefit in
terms of a secure system does this provide?
Thanks,
John
[1] See http://www.ics.uci.edu/~fielding/pubs/dissertation/rest_arch_style.htm#sec_5_1
"communication must be stateless in nature..., such that each request
from client to server must contain all of the information necessary to
understand the request, and cannot take advantage of any stored
context on the server. Session state is therefore kept entirely on the
client."
--
John D. Heintz
Principal Consultant
New Aspects of Software
http://newaspects.com
http://johnheintz.blogspot.com
Austin, TX
(512) 633-1198
Interesting idea on the ajax auto-save, which seems helpful with the case of session timeout. But, on a server bounce case... still no love.