MACROMEDIA COLDFUSION MX-CLUSTERCATS Use Manual page 24

Web developers must think through the user scenarios in which application session and
state are affected, and engineer appropriate mechanisms to handle them. The most
common ways to handle session data are:
Client-side options consisting of cookies, hidden fields, a get list, or URL parameters
Server-side session variables
Note: Storing session data on the server requires that a simple identifier is stored on
the client, such as a cookie.
An open state repository consisting of a common back-end database or other shared
storage device
Whatever mechanism your architects and engineers use, they must anticipate the
scenarios in which maintaining an application's state is vital to a good user experience.
See "Session-aware load balancing" on page
Database locking and concurrency issues
Dynamic web applications that allow users to modify a database must ensure appropriate
database concurrency handling. This term refers to how an application manages
concurrent user requests when accessing the same database records. If an application does
not impose a database-locking mechanism on multiple requests to update a record, data
integrity can be compromised in the database — two users could make simultaneous
modifications to a record, but only the second change would take effect.
For example, consider a Human Resources web application on a company intranet. The
HR Generalist adds two new employee records to the HR database by filling out a web
form, because two new employees have been hired. The Generalist enters most of the
vital information into the records, but doesn't yet have the new employees' phone
extensions or HMO selections, so leaves those fields blank. Later in the day, the HR
Generalist's manager, the HR Director, obtains this information from both new hires and
decides to enter it in the database. However, one of the new employees, after speaking
with her husband, decides to change her HMO selection from the basic selection to the
PPO choice. The employee calls the HR Generalist to tell him of the change, and the
Generalist says he will take care of it immediately. Without talking to the HR Director,
the HR Generalist adds the information into the employee records at the same time that
the HR Director is attempting to update the information.
In this scenario, if the application uses an appropriate database concurrency validation
mechanism, the HR Director receives a message indicating that she could not access the
employee record because it was in use, thereby alerting her that someone in her
department was trying to change the record. However, if the application did not use such
a validation mechanism, the HR Director would overwrite the new data that the
Generalist had just entered, resulting in data integrity problems. This example illustrates
the importance of your dynamic web applications handling database concurrency issues
well.
14 Chapter 2 Scalability and Availability Overview
72.