On 2009-12-17 15:27, Zak Mc Kracken wrote:
> Thank you Nicklas, that's clearer now.
> Just more few notes.
> Nicklas Nordborg wrote:
>> 1. Your web service application does this on its own and keeps track of
>> used/active ones so that duplicates are not generated. When the user
>> clicks a link he/she is asked to login to BASE.
> This seems to be the simpler option. A bit less practical, but could be
> an alternative.
>> 2. Your web service application uses BASE to create a new SessionControl
>> and login using the "guest" account. Use the id from the session control
>> in the link and the user doesn't have to login when it is clicked. Note
>> that your web service application needs to set the proper remote id on
>> the session control, otherwise the "Invalid remote id" message will popup.
> From previous messages, it seems that the session id is tied to the
> client that creates the session (via IP). So it would be linked to the
> server running the web service in our case. This is problematic, because
> the final link to the BASE experiment will be used by a remote user,
> which will be served by a session ID having the wrong IP.
No this is not the case. If your application is creating the
SessionControl it can give it any session id that you want or let BASE
generate an ID, and it can choose which IP to link it with. See the API
javadoc at this long URL:
> Is there a way to sort this out? Any plan to change the BASE code on
> this point? For instance, if one could pass login/password/IP to the
> authentication web service, or even disable this session/IP feature.
No, this is not going to change. It is very important to not mess with
this since it will make lots of things to not work anymore.
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
basedb-devel mailing list