* Duncan Mac-Vicar Prett
On Tuesday 25 August 2009 17:04:09 Klaus Kaempf wrote:
How's that ? Please elaborate.
In the client side right now if you want to change the time of the host, you do a GET /systemtime which in turns does a GET in the service, interpret the xml and then render the html. Then a put is done to /systemtime when clicking "Save" and that generates a put in to the service.
Now, the service.. where? well, the "site" of the ActiveResource stuff is stored in the session and comes from the login. That is why we have /systemtime in the client, otherwise you could not know to what host to get the time from.
Karel is propossing that the host is part of the client url, so /host1/systemtime show the same controller and html than /host2/systemtime, but one calls different service urls than the other. Therefore fully "stateless".
Ah, now I get it, thanks ! Well, I agree with the proposal in principle but changing this has a couple of more consequences I fear. Like reworking the complete authentication/session stuff. Actually, that's something for a future version of WebYaST which should use something like http://code.google.com/p/rolerequirement But this needs a deeper discussion with the security team. Klaus --- SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg) -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org For additional commands, e-mail: yast-devel+help@opensuse.org