[Registry-dev] Transaction support in the embedded registry

Chathura C. Ekanayake chathura at wso2.com
Tue Apr 1 22:28:38 PDT 2008 

Deepal Jayasinghe wrote:
> Hi Chathura ,
>>
>> I am implementing the transaction support in the embedded registry 
>> layer. I have introduced below four methods to the Registry API to 
>> handle transactions. These methods can be used by client application 
>> in a similar way to JDBC connection transactions.
>>
>> registry.beginTransaction();
>>
>> registry.commit();
>>
>> registry.rollback();
>>
>> registry.endTransaction();
> Rather than adding these methods to registry API cant we come up with 
> a new class (say TransactionManager) and add those four methods there. 
> And we can create the TransactionManager by giving the registry 
> instance or whatever needed.

Yes, we can do that. But we have to discuss which option simplifies the 
the usage and possible confusions to the users. So far, I am open for 
any option.

>
>>
>> When beginTransaction() is called, a database connection is obtained 
>> and stored in a thread local variable. Then all other database 
>> related registry components use that connection by calling:
> Well this a problem when it comes to APP, because in the case of APP 
> storing in the thread local will not provide what we want. Because 
> when we use APP for each and every request it creates a new thread so 
> what we store in last request can not access from the new request.
>
> I think we need to think this in bit higher level , something like RM 
> session. Where when a user start a transaction we give him  a session 
> key (and store the connection in a table alone with the key) and he is 
> supposed to send the key back when he call the second call in the same 
> transaction. If we do so we can handle this in APP without having any 
> problem.

This is some sort of manual session tracking. We can simply use servlet 
sessions to store the connection. I think the best way is to store the 
connection in the UserRegistry if the transaction is not completed. Then 
handling connections will be hidden from the APP implementation. We can 
go for this, if the session related issues are fixed in the new Abdera 
version.
>
>>
>> Connection conn = Transaction.getConnection();
>>
>> When a transaction is started, connections are not commited unless 
>> registry.commit() is called. Therefore, client application can 
>> perform sequence of operations in a single transaction by listing 
>> them within registry.beginTransaction() and registry.commit(). Once 
>> the transaction is complete client applications should call 
>> registry.endTransaction(), so that the connection is closed and the 
>> thread local variable is cleared.
> What happen if the client does not call endTransaction ?

It is same as JDBC transactions. If clients do not close connections, it 
will run out of connections. Therefore, clients have to end all started 
transactions.

>
>
> Someone can attack registry by just creating transactions and not 
> closing them , I think we have to agree what we are going to do on this.

Problem is who can call beginTransaction(). I think we should have a 
action named BEGIN_TRANSACTION, to which users can be authorized. Then 
only authorized users can call transaction API.

Thanks,
Chathura

>
> Thank you!
> Deepal
>
>
> _______________________________________________
> Registry-dev mailing list
> Registry-dev at wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
>

More information about the Registry-dev mailing list