From: KlausTrainer
To: dev@couchdb.apache.org
Subject: [GitHub] couchdb pull request: Use cookie authentication during replication
Date: Tue, 11 Mar 2014 09:20:13 +0000 (UTC)
Message-Id: <20140311092013.D200593E753@tyr.zones.apache.org>

Github user KlausTrainer commented on a diff in the pull request:

https://github.com/apache/couchdb/pull/172#discussion_r10465907

--- Diff: src/couch_replicator/src/couch_replicator_httpc.erl ---
@@ -131,6 +171,90 @@ process_stream_response(ReqId, Worker, HttpDb, Params, Callback) -> end. +process_stream_response_headers(ReqId, Code, Headers, Worker, HttpDb, Params, Callback) -> + StreamDataFun = fun() -> + stream_data_self(HttpDb, Params, Worker, ReqId, Callback) + end, + ibrowse:stream_next(ReqId), + try + Ret = Callback(Code, Headers, StreamDataFun), + release_worker(Worker, HttpDb), + clean_mailbox_req(ReqId), + Ret + catch throw:{maybe_retry_req, Err} -> + clean_mailbox_req(ReqId), + maybe_retry(Err, Worker, HttpDb, Params, Callback) + end. + + +maybe_start_new_session(HttpDb) -> + case need_new_session(HttpDb) of + false -> false; + true -> start_new_session(HttpDb) + end. + + +maybe_start_new_session(HttpDb, Worker) -> + case need_new_session(HttpDb) of + false -> false; + true -> start_new_session(HttpDb, Worker) + end. + + +need_new_session(#httpdb{credentials = undefined}) -> + false; + +need_new_session(#httpdb{credentials = Credentials}) -> + case ets:lookup(Credentials, cookie) of + [] -> + true; + [{cookie, _, UpdatedAt}] -> + %% As we don't know when the cookie will expire, we just decide + %% that we want a new session if the current one is older than + %% one minute. + OneMinute = 60 * 1000000, % microseconds --- End diff --

Yes, that's possible, but what advantage would it get us? I had previously implemented it, but then threw it away again. One disadvantage of that is that it makes us rely on clocks being synchronized, which is an assumption we'd probably like to avoid here. As of now, we unfortunately don't have any knowledge about the expiry time of a cookie here (we only have the timestamp). Choosing one minute seems like a good compromise to me, as it's unlikely that people will be configuring a session timeout below that. However, it might be good to consequently limit the session timeout to a minimum of one minute and document it appropriately.
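
Review bot: The fixed `OneMinute = 60 * 1000000` cutoff in `need_new_session/1` ties cookie reuse to a constant the remote server knows nothing about: a peer configured with a session timeout under one minute can be sent a cookie it has already expired, while a peer with a long timeout gets a new session started every minute. Consider reading the threshold from configuration, or documenting the one-minute minimum next to the session timeout setting, and confirm that a 401 on a cookie-authenticated request discards the cached cookie and starts a new session rather than surfacing as a replication failure. Separately, in `process_stream_response_headers/7` only `throw:{maybe_retry_req, Err}` is caught, so any other exception raised by `Callback` skips both `release_worker(Worker, HttpDb)` and `clean_mailbox_req(ReqId)`; it is worth checking whether those paths need the same cleanup.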