cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Torsten Curdt <tcu...@vafer.org>
Subject Re: Continuations in clustered environments?
Date Sun, 19 Oct 2003 23:20:41 GMT
> Is it possible for continuations to be used in a clustered environment? 
>  A cursory look at ContinuationsManagerImpl leads me to believe that the 
> continuation info is stored in forrest, a private HashSet. Therefore, it 
> does not look like a cluster could share continuations -- is this right?

If we keep the continuations in the session the usual
techniques might apply. Otherwise we'd need a different
kind of store.

> In order to make this possible, you would either have to share the 
> continuation objects among the cluster, or serialize the continuation 
> object itself on the web page.

 From a security POV I think this is not an option.
And the round-tripping makes no sense at all because continuations
happen on the server-side. This sounds like an ugly workaround for
a problem that should be solved somewhere else.
(Although it might seem appealing on the first glance)

 > The continuations could be shared in a
> database, or perhaps with a JavaGroups-enabled container, similar to how 
>  Tomcat sessions are replicated.  Maybe SwarmCache can be used as-is for 
> this?

That's the spirit ;)

> It seems like it might be easier to serialize the continuation objects 
> and pass them back to the server the same way the continuation IDs are 
> passed around.

Although I like the KISS approach in general I'd really prefer to keep
them on the server. Getting the continuation from a request is kinda
like you'd execute code that comes in from a request! -> BAAAAAD!!

> Of course they would have to be encrypted in some way to 
> prevent people from tampering with them.  This may or may not be 
> practical depending on how big these objects actually are.

Hm... this sounds more like a MS approach ;)

If we don't expose the continuation object
to the world there is no risk and no need
for encryption.

> Is anyone working on this, or am I totally wrong and it is already 
> possible?

...at least something we should discuss
--
Torsten


Mime
View raw message