[Registry-dev] Transaction support in the embedded registry

Afkham Azeez azeez at wso2.com
Tue Apr 1 23:49:40 PDT 2008 

Deepal Jayasinghe wrote:
> Hi Chathura ,
>>
>> I am implementing the transaction support in the embedded registry 
>> layer. I have introduced below four methods to the Registry API to 
>> handle transactions. These methods can be used by client application 
>> in a similar way to JDBC connection transactions.
>>
>> registry.beginTransaction();
>>
>> registry.commit();
>>
>> registry.rollback();
>>
>> registry.endTransaction();
> Rather than adding these methods to registry API cant we come up with a 
> new class (say TransactionManager) and add those four methods there. And 
> we can create the TransactionManager by giving the registry instance or 
> whatever needed.

I think it is much simpler for the users if you put the necessary 
methods in the registry itself. They don't have to remember too many APIs.

e.g.
registry.beginTx();
try{
	Resource res = registry.newResource();
	registry.put("/test", resource);

	Resource res2 = registry.newResource();
	registry.put("/test2", res2);

	registry.commit();
} catch(Exception){
    	registry.rollback();
}

So it is very simple for embedders as you can see above.

Azeez
>>
>> When beginTransaction() is called, a database connection is obtained 
>> and stored in a thread local variable. Then all other database related 
>> registry components use that connection by calling:
> Well this a problem when it comes to APP, because in the case of APP 
> storing in the thread local will not provide what we want. Because when 
> we use APP for each and every request it creates a new thread so what we 
> store in last request can not access from the new request.
> 
> I think we need to think this in bit higher level , something like RM 
> session. Where when a user start a transaction we give him  a session 
> key (and store the connection in a table alone with the key) and he is 
> supposed to send the key back when he call the second call in the same 
> transaction. If we do so we can handle this in APP without having any 
> problem.
>>
>> Connection conn = Transaction.getConnection();
>>
>> When a transaction is started, connections are not commited unless 
>> registry.commit() is called. Therefore, client application can perform 
>> sequence of operations in a single transaction by listing them within 
>> registry.beginTransaction() and registry.commit(). Once the 
>> transaction is complete client applications should call 
>> registry.endTransaction(), so that the connection is closed and the 
>> thread local variable is cleared.
> What happen if the client does not call endTransaction ?
> 
> Someone can attack registry by just creating transactions and not 
> closing them , I think we have to agree what we are going to do on this.
> 

This has to be prevented at a upper layer. You could use some sort of 
security restrictions in the case of a hosted registry. In the case of 
embedding, it is the total responsibility of the embedder handle this 
properly.

> Thank you!
> Deepal
> 
> 
> _______________________________________________
> Registry-dev mailing list
> Registry-dev at wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
>

More information about the Registry-dev mailing list