Free Software

Software Engineering with FOSS and Linux

Using JiBX with Jersey

After searching around for this for a while without much luck, I post it here hoping to save you some time. Jersey, the reference implementation of JAX-RS, typically uses JAXB to marshal and unmarshal XML. If you want to use JiBX instead, you should provide custom providers:

@Provider
public class JIBXBodyReader implements MessageBodyReader<Object> {
	public boolean isReadable(Class<?> type, Type genericType,
			Annotation[] annotations, MediaType mediaType) {		
			try {
				BindingDirectory.getFactory( type );
			} catch (JiBXException e) {
				return false;
			}
			return true;
	}

	public Object readFrom(Class<Object> type, Type genericType,
			Annotation[] annotations, MediaType mediaType,
			MultivaluedMap<String, String> httpHeaders, InputStream entityStream)
			throws IOException, WebApplicationException {
		try {
			IBindingFactory factory = BindingDirectory.getFactory( type );
			IUnmarshallingContext context = factory.createUnmarshallingContext();
			return context.unmarshalDocument( entityStream, null );			
		} catch (Exception e) {
			e.printStackTrace();
		}
		return null;
	}
}

@Provider
public class JIBXBodyWriter implements MessageBodyWriter<Object> {
	public long getSize(Object obj, Class<?> type, Type genericType,
			Annotation[] annotations, MediaType mediaType ) {
		return -1;
	}

	public boolean isWriteable(Class<?> type, Type genericType, 
			Annotation[] annotations, MediaType mediaType ) {		
		try {
			BindingDirectory.getFactory( type );
		} catch (JiBXException e) {
			return false;
		}
		return true;
	}

	public void writeTo(Object obj, Class<?> type, Type genericType,
			Annotation[] annotations, MediaType mediaType,
			MultivaluedMap<String, Object> headers, OutputStream outputStream)
			throws IOException, WebApplicationException {
				try {
					IBindingFactory factory = BindingDirectory.getFactory( type );
					IMarshallingContext context = factory.createMarshallingContext();
					context.marshalDocument( obj, "UTF-8", null, outputStream );
				}
				catch ( Exception e ) {
					e.printStackTrace();
				}				
	}
}

November 25, 2010 Posted by | Programming, Uncategorized, web | , , , , , , , , | 1 Comment

Preventing session expiration with AJAX

Lately I have noticed an increase in issues related to session expiration in web pages. There are two cases that come to mind:

  • Traditional forms that may take the users too long to fill and submit, perhaps because they need to seek data from several sources, such as curriculum info or references.
  • Rich Internet Applications, which may delay to communicate with the server long enough for a session to expire, even though the users act under the delusion of a constant communication and a consistent state of their data.

Increasing the session timeout is only a partial solution, as it affects the server load and doesn’t fully address the problem since users may still face an unexpected session timeout if their behavior diverts from the expected scenarios. A better way is to use a simple AJAX call to periodically renew your session, as long as your web page is still open in the browser. You can do that using the setInterval() JavaScript function or its equivalent in the framework of your choice. With jQuery, you could use something like this:

    $(document).ready( function() {
        var refreshTime = 600000; // in milliseconds, so 10 minutes
        window.setInterval( function() {
            var url = 'http://mysite.mydomain/refreshSessionURL';
            $.get( url );
        }, refreshTime );
    });

The url variable should point to a page that does nothing but refreshing a session. If your application is in PHP, a simple session_start() will do.  If you are using an MVC framework, you could use a controller that renders nothing back and let the framework handle the session renewal.

One possible caveat using this approach is AJAX caching. If it is enabled (some browsers, including IE, enable it by default), it is possible that only your first call will be sent to the server. There are two approaches. The most simple one is to disable AJAX caching completely. In jQuery, this can easily be done using a $.ajaxSetup( {cache:false} ) call. Another possible way is by attaching some random parameter to your session-refreshing URL that will be ignored by the server.

Finally, you should be aware of the security implications of never letting a session to expire. Depending on the requirements of your application, you should consider using a user inactivity test to prevent session renewal or even cause a session to expire.

June 19, 2010 Posted by | Programming, web | , , , , , , | 6 Comments