> Is it possible for continuations to be used in a clustered environment?
> A cursory look at ContinuationsManagerImpl leads me to believe that the
> continuation info is stored in forrest, a private HashSet. Therefore, it
> does not look like a cluster could share continuations -- is this right?
If we keep the continuations in the session the usual
techniques might apply. Otherwise we'd need a different
kind of store.
> In order to make this possible, you would either have to share the
> continuation objects among the cluster, or serialize the continuation
> object itself on the web page.
From a security POV I think this is not an option.
And the round-tripping makes no sense at all because continuations
happen on the server-side. This sounds like an ugly workaround for
a problem that should be solved somewhere else.
(Although it might seem appealing on the first glance)
> The continuations could be shared in a
> database, or perhaps with a JavaGroups-enabled container, similar to how
> Tomcat sessions are replicated. Maybe SwarmCache can be used as-is for
> this?
That's the spirit ;)
> It seems like it might be easier to serialize the continuation objects
> and pass them back to the server the same way the continuation IDs are
> passed around.
Although I like the KISS approach in general I'd really prefer to keep
them on the server. Getting the continuation from a request is kinda
like you'd execute code that comes in from a request! -> BAAAAAD!!
> Of course they would have to be encrypted in some way to
> prevent people from tampering with them. This may or may not be
> practical depending on how big these objects actually are.
Hm... this sounds more like a MS approach ;)
If we don't expose the continuation object
to the world there is no risk and no need
for encryption.
> Is anyone working on this, or am I totally wrong and it is already
> possible?
...at least something we should discuss
--
Torsten
|