From: Leszek Gawron
To: dev@cocoon.apache.org
Date: Fri, 10 Dec 2004 15:37:14 +0100
Subject: Re: Continuation manager modes
Message-ID: <41B9B49A.1050507@mobilebox.pl>
In-Reply-To: <41B9AD49.4090802@apache.org>

Reinhard Poetz wrote:
> Leszek Gawron wrote:
>
>> Vadim Gritsenko wrote:
>>
>>> Leszek Gawron wrote:
>>>
>>>> Previously we have discussed three continuations manager work
>>>> modes:
>>>>
>>>> - standard (current functionality)
>>>> - continuations invalidated along with session, still the continuation
>>>>   is reachable from other sessions (or no session at all)
>>>> - fully isolated. only the session that created the continuation can
>>>>   access it.
>
> IIUC before you introduced your changes it was possible to reuse
> continuations independently from where they have been created. What's
> the usecase for this so that we still have to support it?

Hmm, after a second reading of your post I see I did not understand you.

There are two orthogonal aspects of continuation visibility:

- interpreter aspect: a continuation should always be resumed by the same
  interpreter that created it. If not, you could invoke your continuation
  in another sitemap (wrong context, resource not found exceptions,
  security problems). This case has been fixed. Still, you can enable the
  old behaviour because some users relied on that functionality (although
  broken).
- security aspect:

  - OLD MODE: you can make your continuations visible to everyone. One
    user creates a continuation and passes the link to another user. The
    other one invokes it in a browser - it works. This is just as it has
    been from the start.

  - NEW MODE: secure continuations. The above behaviour creates the
    following problems for authenticated web applications:

    * continuation ids might be stored in browser link history or page
      cache.
    * even though the user has logged out and the session has been
      invalidated, the continuation might still be valid. As long as
      resuming the continuation does not query data from the user session
      it will work. This way you can have access to a secured part of the
      application without even logging in.

    So the following mode has been introduced:

    * continuations are bound to the session.
    * You can look up the continuation only among the ones you have
      created yourself. This way even though you "steal" a continuation
      id from somewhere it's of no use to you.
    * When the session gets invalidated all continuations get invalidated
      too.

Hope that clears the situation.

-- 
Leszek Gawron                                      lgawron@mobilebox.pl
Project Manager                                    MobileBox sp. z o.o.
+48 (61) 855 06 67                                http://www.mobilebox.pl
mobile: +48 (501) 720 812                       fax: +48 (61) 853 29 65
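The two visibility aspects described in the mail (same-interpreter resumption, and session-bound lookup with invalidation on logout) as a small stand-alone model. This is an added example written for this archive page, not Cocoon's ContinuationsManager; the class, method names, the `secure` / `allow_foreign_interpreter` flags and the session ids `sess-alice` / `sess-mallory` are all constructed for illustration.

```python
import secrets
from dataclasses import dataclass
from typing import Dict, Optional, Set


@dataclass
class Continuation:
    """One suspended flow; payload stands in for the captured interpreter state."""
    id: str
    interpreter: str       # sitemap/interpreter that created it
    owner_session: str     # session id of the creating user
    payload: str


class ContinuationsManager:
    """Toy continuations store with the two modes from the thread (not Cocoon's code).

    secure=False : any session (or none) may resume any continuation id (OLD MODE).
    secure=True  : a continuation is looked up only among the caller's own, and
                   invalidating the session drops all of them (NEW MODE).
    allow_foreign_interpreter re-enables the old cross-sitemap behaviour.
    """

    def __init__(self, secure: bool, allow_foreign_interpreter: bool = False):
        self.secure = secure
        self.allow_foreign_interpreter = allow_foreign_interpreter
        self._all: Dict[str, Continuation] = {}
        self._by_session: Dict[str, Set[str]] = {}

    def create(self, interpreter: str, session_id: str, payload: str) -> str:
        # Unguessable id: the id itself must not be the only secret in old mode either.
        cont_id = secrets.token_hex(16)
        self._all[cont_id] = Continuation(cont_id, interpreter, session_id, payload)
        self._by_session.setdefault(session_id, set()).add(cont_id)
        return cont_id

    def lookup(self, cont_id: str, interpreter: str,
               session_id: Optional[str]) -> Optional[Continuation]:
        if self.secure:
            # Search only the caller's own continuations: an id taken from
            # history/cache by another session (or an anonymous caller) never matches.
            if session_id is None or cont_id not in self._by_session.get(session_id, ()):
                return None
        cont = self._all.get(cont_id)
        if cont is None:
            return None
        # Interpreter aspect: resuming from a different sitemap is rejected
        # unless the legacy behaviour was explicitly enabled.
        if cont.interpreter != interpreter and not self.allow_foreign_interpreter:
            return None
        return cont

    def invalidate_session(self, session_id: str) -> int:
        """Called on logout; returns how many continuations were dropped."""
        if not self.secure:
            return 0  # old mode: continuations outlive the session
        ids = self._by_session.pop(session_id, set())
        for cont_id in ids:
            self._all.pop(cont_id, None)
        return len(ids)


def demo(secure: bool) -> dict:
    """Replay the scenarios from the mail; reports which accesses succeed."""
    mgr = ContinuationsManager(secure=secure)
    alice, mallory = "sess-alice", "sess-mallory"   # constructed session ids
    cid = mgr.create("main-sitemap", alice, "checkout step 2")
    result = {
        "owner_resumes": mgr.lookup(cid, "main-sitemap", alice) is not None,
        "other_session_resumes": mgr.lookup(cid, "main-sitemap", mallory) is not None,
        "no_session_resumes": mgr.lookup(cid, "main-sitemap", None) is not None,
        "other_sitemap_resumes": mgr.lookup(cid, "other-sitemap", alice) is not None,
    }
    mgr.invalidate_session(alice)          # alice logs out
    result["resumes_after_logout"] = mgr.lookup(cid, "main-sitemap", None) is not None
    return result


if __name__ == "__main__":
    print("old mode   :", demo(secure=False))
    print("secure mode:", demo(secure=True))
```

In old mode the report shows the problem the mail describes: the continuation resumes from another session, with no session at all, and after the owner has logged out. In secure mode only the owner's own session can resume it, and logout removes it; the interpreter check rejects the other sitemap in both modes.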