Leszek Gawron wrote:
Sylvain Wallez wrote:
Tony Collen wrote:
Maybe it's time we make Cocoon automatically pull the continuation
ID from a session tied to a cookie.
That won't work as a continuation is related to the page displayed in
the browser rather than to the browser itself, as is a cookie.
I'm with Reinhard: let's tie continuations to sessions, which should
be fine for 99.9% of the use cases. Even if the continuation ID is in
the URL, it won't be accessible without the session id cookie.
That functionality is already available but not enabled by default
because it enforces session creation.
Yes, I know that, and that's what I meant: let's make it the default.
Continuations are server-side state anyway so I don't really see the
problem with enforcing session creation when continuations are used.
Note also that load-balancing schemes are often based on session
affinity, meaning if you use continuations without sessions, there is a
non-negligible probability that a request to continue a flowscript will
go to different server than the one that created it!
Sylvain
--
Sylvain Wallez Anyware Technologies
http://people.apache.org/~sylvain http://www.anyware-tech.com
Apache Software Foundation Member Research & Technology Director
