Your SlideShare is downloading. ×
Advanced Seaside
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Advanced Seaside


Published on

Title: Seaside Advanced Topics …

Title: Seaside Advanced Topics
Speaker: Johan Brichau
Title: Advanced Seaside
Speaker: Philippe Marshall
Thu, August 21, 2:00pm – 3:30pm

Abstract: If you want to know everything about building sophisticated web applications with Seaside using tightly-integrated client-side libraries and frameworks (jQuery, jQuery++, jQuery-UI, Bootstrap, jQuery-Mobile,...), transparent persistence, RESTful webservices, etc or just about what's new in Seaside, then this tutorial is for you. We will skip the basics (see the excellent online tutorials [1][2] and book [3]) and jump right into the advanced uses of jQuery, the intricate details of ajax callbacks, the extensible framework, the transparent persistence in GemStone Web Edition (GLASS), and much more. We will reserve ample time for Q&A, so bring your questions to the session.

Bio: Philippe Marshall has been part of the core Seaside team for several years. He holds a MSc CompSci from the University of Bern and has previously held talks at ESUG.

Dale Henrich has been working in Smalltalk since 1985 when he developed an internal application on the Tektronix 4404. The internal application was used at Tektronix for at least 20 years and may still be in use today! Since 1985 he has been lucky enough to work in Smalltalk nearly full-time, spending the last 15 years at GemStone (now GemTalk Systems) give or take a couple of years.

Johan Brichau is co-founder and development lead at, a "Seaside under GLASS"-based web application for event management currently used by over 80 cultural organisations in Belgium and The Netherlands.

Published in: Software

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Advanced Seaside Philippe Marschall ESUG 2014
  • 2. Advanced Seaside • WARestfulComponentFilter • session tracking • •
  • 3. WARestfulComponentFilter
  • 4. Disclaimer • REST in this context simply means “pretty URLs”
  • 5. WARestfulComponentFilter • new with 3.1 • Norbert’s fault • this is the missing documentation
  • 6. WARestfulComponentFilter • run “front page(s)” without session • “window shopping” • run pages behind with session • central place to recover from expired session
  • 7. WARestfulComponentFilter • “REST” filter that runs before the application • only when no session • or session is expired • can start session with any component instance
  • 8. WARestfulComponentFilter • if it runs, normal REST filter rules apply • SeasideRest • up to you how HTML is generated • WABuilder/WAPainter • no callbacks • …
  • 9. Example Ⅰ • counter • all “pages” handled by filter and component • not the normal case • not composable
  • 10. Example Ⅱ • one two three • first page just static content • link to second page with static content • third page with counter (and session)
  • 11. Session Tracking
  • 12. Session Tracking • used to be implemented in WAApplication • had a single flag • optionally use cookies
  • 13. Session Tracking 3.1 • factored out into a strategy object • can implement your own • handles no or expired session
  • 14. Session Tracking Fully Customizable • query fields • cookie only • cookie if supported, query field otherwise • cookie for browser, IP for crawler • SSL session id (*) • path parameter (*)
  • 15. Query Field • /?_s=KAAWl0x3c6KLnN6Q • easy for development • session per tab • no issue with cookie laws • no iframe issues (P3P)
  • 16. Path Parameter • ;_s=KAAWl0x3c6KLnN6Q/ • like query parameter • doesn’t have to be hidden field in form • required by some load balancers • “JavaEE” way
  • 17. Cookie Only • never shows up in links • never shows up in access logs • links can be copied and pasted • links can be sent by email • session per browser • crawlers don’t accept cookies
  • 18. IP • option for crawlers • same session for all browsers • issues with • mobile clients • NATs • Proxies
  • 19. SSL Session Id • never shows up • needs sever (adapter) support (3.1) • SSL session has to be keep alive • or client gets same id again • no SSL session cookies
  • 20. Session Tracking Fully Customizable • query fields • cookie only • cookie if supported, query field otherwise • cookie for browser, IP for crawler • SSL session id (*) • path parameter (*)
  • 21. Custom • variant of any of those • combination of any of those • can rename field • whatever else • eg. header set by security proxy • client certificate
  • 22. Example • fake JavaEE • eg. Tomcat, JBoss • eg. for load balancer • use existing load balancer infrastructure, configuration, documentation • jvmRoute left as an exercise
  • 23. jvmRoute • sticky session load balancing • no session replication • attach image id / JVM id to session id • /;jsessionid=KAAWl0x3c6KLnN6Q.42 • supported by “JavaEE load balancers”
  • 24. Example • jsessionid path parameter name • JSESSIONID cookie name