Howard Lewis Ship <hlship <at> gmail.com> writes:
> I think the most secure approach will be to store the serialized data
> in a temporary (embedded or flat file) database on the server, and
> send just a short, opaque identifier to the client.
This sounds more secure. However, I am not sure if it is really more
secure (than storing data signed by a server key on the client). Any
example showing otherwise?
> This has the added
> benefit of storing significantly less data on the client side (which
> might allow the use of GET for forms that do not modify externally
> persistent state).
OK. However, a view state is most likely only used once almost immediately
(when the form is submitted), unless the user uses the back button.
From this viewpoint, storing it in a file or DB doesn't sound like
the best approach.
> Certainly, "salting" the identifier with a session id, or other value
> that uniquely identifies the user, will be important.
>
> I can see two different "stores" for this data; one for unidentified
> visitors that "salts" with the user's IP address, the other that
> "salts" with the session id.
I understand the desire to avoid creating a session. However, it is
just a session without any data in it. Do you know of any reference
suggesting that this may be a performance problem? As there is no
data in it, it won't affect performance in a cluster.
The use of IP is not foolproof, e.g., people using a proxy or NAT. We'll
also need to time out the items in store to make sure the state is
time limited. This is more troublesome for those using a proxy. Using
IP for this purpose is like creating a fake session. If there is a
real session for us to use, why not just use it?
> Clustering issues will make this more complex.
Right. Here is a summary so far:
1) Signed data on client, salted with session id, signed by server key.
2) Data on server, salted with session id.
3) Data on server, salted with IP.
                                1)                      2)        3)
-----------------------------------------------------------------------------
A) Security                     Less secure than 2)?    Secure    Not secure
B) Can use GET                  N                       Y         Y
C) Bandwidth use                Higher                  Lower     Lower
D) Disk space use               Lower                   Higher    Higher
E) Need a session (no data)     Y                       Y         N
F) Need to time out and         N                       Y         Y
   delete items in server
   side stores
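
Option 1) from the summary above, as an added example that is not part of the original message or of any project's code: the state travels with the client, carries a MAC bound to the session id, and embeds its own expiry so nothing has to be timed out on the server. The names `SERVER_KEY`, `seal_state` and `open_state`, the use of HMAC-SHA256 as the "signature", the JSON encoding and the 15-minute lifetime are all assumptions.

```python
import base64, hashlib, hmac, json, os, time

# Assumption: one secret per deployment, shared by every node in the cluster.
SERVER_KEY = os.urandom(32)

def _mac(session_id: str, body: bytes) -> bytes:
    # Length-prefix the session id so (session id, body) cannot be re-split.
    sid = session_id.encode()
    msg = len(sid).to_bytes(4, "big") + sid + body
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()

def seal_state(state: dict, session_id: str, ttl: int = 900, now=None) -> str:
    """Serialize the state with an expiry and append a session-bound MAC."""
    now = time.time() if now is None else now
    body = json.dumps({"exp": int(now) + ttl, "state": state},
                      sort_keys=True).encode()
    tag = _mac(session_id, body)
    return (base64.urlsafe_b64encode(body) + b"." +
            base64.urlsafe_b64encode(tag)).decode()

def open_state(token: str, session_id: str, now=None):
    """Return the state, or None if forged, expired or from another session."""
    now = time.time() if now is None else now
    try:
        body_b64, tag_b64 = token.encode().split(b".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:          # wrong shape or bad base64
        return None
    # Check the MAC in constant time BEFORE parsing anything from the client.
    if not hmac.compare_digest(tag, _mac(session_id, body)):
        return None
    doc = json.loads(body)
    if doc["exp"] < now:        # time limit enforced without a server store
        return None
    return doc["state"]

if __name__ == "__main__":
    # Constructed sample values.
    tok = seal_state({"form": "login", "step": 2}, "sess-A")
    print(open_state(tok, "sess-A"))   # accepted in the issuing session
    print(open_state(tok, "sess-B"))   # rejected in any other session
```

A token sealed this way can still be resubmitted within its lifetime by the session that received it; single-use state needs a server-side record, as in option 2).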