"A. Pagaltzis" <[EMAIL PROTECTED]> writes:

> * Terrence Brannon <[EMAIL PROTECTED]> [2005-09-03 19:15]:
>> A user requests *operations* - login, add user, view user which
>> are materialized by model actions and feedback on success
>> failure via the view/page. 
> I model my applications as a set of resources, à la REST.

I googled for REST and found this:

> Resources,
> obviously, are only created or updated assuming credentials with
> sufficient permissions; otherwise, the result is a 401 when not
> logged in or a 403 when logged in, but lacking permission.

Do you use cookies? The paper I read stated this:
Stateless: each request from client to server must contain all the
information necessary to understand the request, and cannot take
advantage of any stored context on the server.

To me, that means "no cookies". But your discussion of 401 and 403
would imply such a mechanism for recognizing who made the request?

SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
cgi-prototype-users mailing list

Reply via email to