Menu
▾
▴
Re: [Exist-development] [Exist-commits] SF.net SVN: exist:[15778] trunk/eXist/src/org/exist/security/internal/ SecurityManagerImpl.java
|
From: Dmitriy S. <sha...@gm...> - 2012-02-02 09:00:13
|
Session id used by org.exist.protocolhandler.protocols.xmldb for authentication right now. On Thu, Feb 2, 2012 at 1:54 PM, Adam Retter <ad...@ex...> wrote: > But why do they need sessions? Why can't they just he static objects? > On Feb 2, 2012 5:09 AM, "Dmitriy Shabanov" <sha...@gm...> wrote: > >> That's for two build-in accounts: SYSTEM & GUEST. >> >> I can't say that I'm very happy, but previous design was ever worse. >> Create new object each time SYSTEM or GUEST account required is >> unnecessary waste of resources (memory), during single "external" >> operation that happen several time. I do believe that SYSTEM & GUEST can >> share one session object for all operations. (SYSTEM as minimum). Plus, >> this sessions should live forever. >> >> On Thu, Feb 2, 2012 at 4:40 AM, Adam Retter <ad...@ex...> wrote: >> >>> I really feel that session management should NOT be in the >>> SecurityManager - concerns are being muddied. The SessionManager >>> should be a seperate layer above and subject to the SecurityManager. >>> >> >> -- Dmitriy Shabanov |
