-
-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove default session manager as it introduces hidden dependencies #15
Comments
my two pennies worth on this one: For instance, when the session manager is configured using config options array, if the session manager has not been explicitely instanciated, the Zend\Authentication\AuthenticationService storage container will not use it thus ignoring the configured session. Here 's some pseudo code to make myself clear : let's suppose we have this config :
The following WON'T use the configuration:
BUT this will:
as during instanciation the sessionManager factory will call the static Container::setDefaultManager Originally posted by @jcaillot at zendframework/zend-session#58 (comment) |
I agree there should be the "default" session manager service in the service manager (and it exists already - it is named Originally posted by @olegkrivtsov at zendframework/zend-session#58 (comment) |
TL;DR: I agree In the vast majority of cases developers need only reconfigure rather than replace the default session manager. There are a number of provided ways to influence the configuration of the session manager: The default factories for
Documentation for all of these options can be found here: http://zendframework.github.io/zend-session/config/ You could also attach a delegator factory to That said, and as @jcaillot shows, the "magic" injection of the default session scope isn't without it's problems. Personally I do prefer to inject the session manager or session container into the places I need it, and ZF doesn't preclude you from doing that -- the Container "default manager" stuff is a convenience layer but in no way mandatory. In it's current state the only real benefit you get from the Container "default manager" setup is you can do Originally posted by @adamlundrigan at zendframework/zend-session#58 (comment) |
@jcaillot this is due to the fact that service manager factories aren't executed until the key is requested. AuthenticationService relies on a session Container instance, and that Container can't fall back to the default SessionManager until the default is injected into it. That default isn't injected until SessionManagerFactory is executed for the first time. In the absence of an injected default session manager, Container will instantiate one without config (here). You've also identified the only feasible workaround at this point: if you have customized session manager configurations you need to pull the session manager somewhere early in the bootstrap process to ensure that your configured session manager becomes the system-wide default. Originally posted by @adamlundrigan at zendframework/zend-session#58 (comment) |
Currently the
Zend\Session\AbstractContainer
class has thesetDefaultManager()
static method which completely breaks the concept which forces developers to explicitly specify the dependencies for a class, model, controller etc. As a result, many ZF3 components implicitly use the default session manager.If I configure 'not default' session manager, I have to pass it everywhere including controllers, services, validators (like FlashMessenger) etc., but I think this possiblity is not developed enough in ZF3, because all components use default session manager implicitly.
I suggest to remove the static default session manager and force users to configure and provide the session manager explicitly.
Originally posted by @olegkrivtsov at zendframework/zend-session#58
The text was updated successfully, but these errors were encountered: