Well WebDAV is after all an HTTP extension and I do believe your assumption that opening a session is somehow "inefficient" is related to the assumption that there are communications delays. Applications talking to each other over ports within the same machine is a common practice.
You could however do as you suggest and have your application interact with a lower level interface where your application is acting in the place of the slide servlet and there has been some suggestion on this list in that regard. But if you do that, there is no need for either the webdavResource client library nor our "Client" wrapper for it as they use WebDAV (i.e. HTTP). So if you aren't going to use WebDAV, you might find it easier to implement with SubVersion to get your versioning repository. Michael Oliver CTO Matrix Intermedia Inc. 3325 N. Nellis Blvd, #1 Las Vegas, NV 89115 Phone:(702)643-7425 Fax:(520)844-1036 -----Original Message----- From: Ricardo Gladwell [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 20, 2004 5:08 AM To: Slide Users Mailing List Subject: Re: Slide Security Questions Hi Michael, Thanks for your informative response. I didn't consider adding the WebDAV client tool to the web application and accessing the WebDAV functionality through this. Doesn't this involve opening a HTTP connection back to the same server? This seems a little inefficient. Wouldn't it be better to access the WebDAV application directly through the VM if they are both being served off the same JVM? Also, I believe some servlet containters, such as WebLogic 6.1, have problems open connections to themselves, sometimes causing blocking. Is it possible to configure the Slide WebDAV client to directly access the Slide engine itself rather than work over HTTP? Kind regards... -- Ricardo Gladwell Michael Oliver wrote: > The approach we took and I have heard others took was to create a > separate web application (we used an extended Struts framework) and to > use the webdavResource, aka "Client Library". We designed a "Wrapper" > for the library to allow it to be instantiated and stored in the session > when a successful login to the slide server occurred and all our actions > looked for that "Client" in the session and used it to talk to Slide. > Then all our pages accessed Struts Actions to do their work and those > actions all used the "Client" object's public methods that wrapped the > webdavResource for simple methods and obtained the underlying > webdavResource object itself for more complex methods. Works well. > > Michael Oliver > CTO > Matrix Intermedia Inc. > 3325 N. Nellis Blvd, #1 > Las Vegas, NV 89115 > Phone:(702)643-7425 > Fax:(520)844-1036 > > -----Original Message----- > From: Ricardo Gladwell [mailto:[EMAIL PROTECTED] > Sent: Monday, July 19, 2004 9:38 AM > To: Slide Users Mailing List > Subject: Slide Security Questions > > Hi All, > > I'm in the process of developing a web application that has a Slide > WebdavServlet-run WebDAV repository and a JSP-based HTML front-end. The > front-end needs to integrate with the repository for security purposes > (users need to be able log into the WebDAV repository using the same > uid/password they log into the front-end, administrators can give users > access to otherwise restricted parts of the WebDAV repository, etc). > > With this in mind I would like to be able to access and modify > priviliges using the WebDAV repository from the HTML front-end. What is > the best method to access the WebDAV server API from another part of the > > web application? I discovered it is possible to obtain a reference to > the root NAT from the ServletContext as follows: > > NamespaceAccessToken nat = > (NamespaceAccessToken) > context.getAttribute(WebdavServlet.ATTRIBUTE_NAME); > > I can then obtain a reference to the SlideToken using the WebdavUtils > class and from their manage the WEbDAV repository. I'm slightly puzzled > as to how I might 'fake' and HTTP authentication to log in as say, root, > > from the application to carry out some of the privileged tasks? > > I also noticed that Slide has a JMX MBean interface, although I am > unsure as to whether accessing via JMX would be preferable in anyway to > simply obtaining the NAT reference. > > BTW, what does a SubjectNode represent? There is no documentation in the > > JavaDoc. > > Kind regards... > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
