Re: Cookie problem when using wsrp comsumer

[Richard Jacob <ja...@apache.org>]

stephen chi zhang wrote:

> Hi guys,
> In a normal server-client scenario, if a user open two browsers with 
> cookie enabled to access a web site using cookies at same time, the 
> requests and responses the two browsers send and receive will start 
> sharing cookies stored in the client side. This is bad since only one 
> browser could successfully display correct content.
> Here comes  wsrp comsumer, since the comsumer can seen as web browser 
> from a wsrp provider's perspective ( browser is a user-agent to a 
> server, while wsrp consumer is a user-agent to the wsrp provider), the 
> cookie problem will inevitably happen to the comsumer side, that is 
> when two users access the comsumer at the same time, they will start 
> sharing cookies stored in the consumer.
> Could anyone suggest a solution to this problem or any comment or 
> analysis on this is mostly welcomed. thanks in advance.
>
In general the consumer woud need to do some book-keeping of the cookies 
it received from the producer and accordingly set these in the request 
back to the producer depending on which user's behalf the request is 
sent (See WSRP initCookie: it could be per user/per group).
If you compare the consumer to a browser and we want to stay in that 
model then the consumer is a smarter browser than what we know from 
todays browsers :-)
Each browser window would have each own cookie store and not share these 
cookies.

So in a smart and correct implementation this sharing wouldn't occur (we 
talk about cookies passed between consumer and producer).

cheers
Richard