3

I am managing a pool of stateless session for a web service between users.
So when a user request web service he start session and response timeout is 5 sec, so he can hold session for 5 sec max. second user comes in and system check if there is available session then use it.

Now i have a problem here. when let say there is a session available, user A comes, system check if it was used more than 5 sec ago, given to user A, at the same time another user hit and system check if session used more than 4 sec ago, assigned to user B.
Now both user using same session and system fails on one.

I have tried select of update command as well to lock it.
I have tried update last used time as soon as it is selected by first user, but this didn't work (i think second user hitting system as the same time)
can someone advice on it.

code: check for session from db if available then pick it or insert a new

//get 25 sessions from database order by lastqueryDate
$session = $sessionObj->select('session', '*', '', 'LastQueryDate DESC', '25');

$available_session = array();
//if sessions available, get rows from getResult
if ($session) {
    $session_Data = $sessionObj->getResult();
    //now get session which is sitting there more than response time out              
    $available_session = $sessionObj->getAvailableSession($session_Data);
}
//if there is any, use it. otherwise create new session and save in database
if (!$available_session) {
    $auth->securityAuthenticate();

    $header = $auth->getHeaders();
    $sequence = (int) $header['Session']->SequenceNumber + 1;
    $values[] = $header['Session']->SessionId;
    $values [] = $sequence;
    $values [] = $header['Session']->SecurityToken;

    $rows = "SessionID,SequenceNo,Security_token";
    if ($sessionObj->insert('session', $values, $rows)) {

        $available_session['Session']->SessionId = $header['Session']->SessionId;
        $available_session['Session']->SequenceNumber = $sequence;
        $available_session['Session']->SecurityToken = $header['Session']->SecurityToken;

    }
}

function that check availability of session in db :

public function getAvailableSession($session_data) {
    $available_session = array();
    foreach ($session_data as $key) {            
        if (!is_array($key)) {
            $key = $session_data;
        }


        $date = date('Y-m-d h:i:s a', time());
        $now = new DateTime($date);
        $last_query_time = new DateTime($key['LastQueryDate']);
        $dteDiff = $last_query_time->diff($now);
        $difference = $dteDiff->format("%H:%I:%S");
        //if response time out is smaller than session used last. then pick it.
        if (RTO <= $difference) {

            $available_session['Session']->SessionId = $key['SessionID'];
            $available_session['Session']->SequenceNumber = $key['SequenceNo'];
            $available_session['Session']->SecurityToken = $key['Security_token'];
            // run update to update lastqueryDate as its default value set to current time stamp
            $session_value = $key['SessionID'];
            $rows['SequenceNo'] = $key['SequenceNo'];
            $where[0] = "SessionID";
            $where[2] = "'" . $session_value . "'";                
            $this->update('session', $rows, $where);
            return $available_session;
        }
    }
    return false;
}

As soon as i find a session sitting idle for more than 5 sec i am updating database.

Passerby
  • 9,715
  • 2
  • 33
  • 50
Tariq G
  • 346
  • 2
  • 9

1 Answers1

0

Open transaction. Issue "select ... for update" query for getting session data. Commit transaction at end of script.

gray
  • 381
  • 2
  • 13