How to make a java web application fully stateless [duplicate]

Asked 9/11, 2014 at 16:14 Answered 21/11, 2014 at 3:35

java rest jakarta-ee architecture stateless

I know that there are many discussions on difference between stateful app and stateless app, and that stateless is what function programming language does, every function call with the same args will return the same value.

Does it mean object-oriented language is not able to make a fully stateless application,since every object will typically have state.

Also, in Java web application, we typically need to trace user state,and which is solved by session. But how to do that in distributed system with in stateless way?

When one system dies, and we need the session can be recognized in some way by another server so that the user state will be transferred. Do we need to put the session in the central database(cache)?But is this way stateless?

What will be some things need to be concerned except session) to before we make a java web application stateless?

Bo answered 9/11, 2014 at 16:14 Comment(0)

You don't store any client state information on the server, you pass it around to everywhere that needs it and you pass it back to the client when the server needs something changed. That is what stateless means, no state. The server should not have any clue about what state the client is in until the client tells it what the state is.

Aubarta answered 21/11, 2014 at 3:35 Comment(0)

-1

The most simple way is to store the session information in some key-value store. Have a look here: Tomcat: Store session in database

To go "real" stateless, there must be NO session at all. This means: The user will authenticate with every request, and with every request you've got to check the credentials. (It's pretty similar to a session database)

Blase answered 9/11, 2014 at 16:19 Comment(4)

Can I consider that we do not store anything in a single node(instead, let the client to do identity that or store in a central one ), and this is stateless? what about the others? Session is only one of my concerns, How about class, or something else? – Bo 9/11, 2014 at 16:28

@Jaskey don't confuse object state with user-specific, conversational state. Havings stateful objects in an application is not a problem. What is a problem is keeping state specific to a user in memory across multiple requests. A typical webapp gets and stores data in a database at each request. – Crucifixion 9/11, 2014 at 16:31

@JBNizet,while some does say that server holds the state in db or memcache, is not a stateless app, like inf3rno 's answer in #27016814 – Bo 21/11, 2014 at 2:48

It really shouldn't matter how someone calls it, as long as it works the way you want. If your application should really have no state at all, just make sure, you don't store anything inside the app. That means: Use no static properties, never use session scope, always use request scope. The most "pure" way should be using HTTP Basic Auth and validate the credentials with every request against the DB. But I'd say, that it's okay to generate an access token on login, persist the token somewhere and let the user send the token with every request. It's basically the same as session store. – Blase 21/11, 2014 at 8:54

Recommended topics

Hot tags