Retrieving a pooled session

In general*, HST request processing is done with a liveuser JCR session from the liveuser session pool or, in case of the preview in the Experience manager, with a user which has the joint read-access of a previewuser session plus the currently logged in CMS user session, see Security Delegation.

*For a site that requires authenticated and is marked with hst:subjectbasedsession = true, a session specific for the authenticated user is used instead of a pooled JCR session.

For a normal live site rendering request, invoking  HstRequestContext#getSession() returns a pooled liveuser session. For an action request (HTTP POST), it depends whether the doAction method is annotated with @Persistable or not, see HstComponent Persistable annotation and workflow. If you need a different pooled JCR session than the default one returned by HstRequestContext#getSession(), for example because you need read access to the HST configuration nodes, you can achieve this through the HST Spring ComponentManager as follows:

Getting a pooled JCR Session 

Repository repository = HstServices
               .getComponentManager()
               .getComponent(Repository.class.getName());
Session mySession = repository.login(credentials);

JCR Sessions retrieved through the component manager as explained above, are managed by HST session pools. Developers are not required to log out pooled sessions; they will eventually be automatically logged out based on an idle timer. However it is recommended to always log out a pooled session once it is no longer needed, so that it is returned to the pool immediately, decreasing the chance that requests get blocked because all the pooled sessions are in use.

For non-pooled sessions. a developer is required to log out such sessions himself.

Getting credentials for pooled users

The above code returns a pooled session, however, you need to get hold of the credentials for pooled users. There are 5 default available Session pools (see HST users) in HST, for which you can retrieve the credentials as follows:

ComponentManager mngr = HstServices.getComponentManager();
Credentials configCred = mngr.getComponent(Credentials.class.getName() + ".hstconfigreader");
Credentials liveCred = mngr.getComponent(Credentials.class.getName() + ".default");
Credentials binariesCred = mngr.getComponent(Credentials.class.getName() + ".binaries");
Credentials previewCred = mngr.getComponent(Credentials.class.getName() + ".preview");
Credentials writeCred = mngr.getComponent(Credentials.class.getName() + ".writable");

 

Did you find this page helpful?
How could this documentation serve you better?
On this page
    Did you find this page helpful?
    How could this documentation serve you better?