You are viewing a plain text version of this content. The canonical link for it is here.
Posted to slide-dev@jakarta.apache.org by Oliver Zeigermann <oz...@c1-fse.de> on 2004/06/23 09:19:40 UTC
Removing public SlideTokenWrapper(SlideToken token, boolean forceStoreEnlistment)
As I described before there is a problem with the the frequent usage of
SlideTokenWrapper to have code executed outside the current transaction.
Security code does this all the time. However, this only works
because of flaws in all current XAResource implementations that match
this bug. I wanted to fix this flaw to have the implementations more
spec compliant. This is mandatory for the external transaction stuff I
am currently working on.
To avoid frequent usage of the SlideTokenWrapper to have code executed
outside the current transaction I opt for removing constructor
> public SlideTokenWrapper(SlideToken token, boolean forceStoreEnlistment)
and only having
> public SlideTokenWrapper(SlideToken token)
This would of course require lots of changes in the code, but I would be
willing to do so.
If someone really knows what he does and wants code to be executed
outside of the current transaction you could still call
setForceStoreEnlistment after the ctor. This will for example be done in
the check if a requested URI is a collection before a transaction is
even started in the GET and POST methods.
If I do not hear any objections I will do it the way described.
Oliver
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-dev-help@jakarta.apache.org
Re: Removing public SlideTokenWrapper(SlideToken token, boolean forceStoreEnlistment)
Posted by Oliver Zeigermann <oz...@c1-fse.de>.
OK, I did not hear objectios, so I did as described. I have set a tag
called BEFORE_NO_READ_OUTSIDE_TX before I have done so.
Oliver
Oliver Zeigermann wrote:
> As I described before there is a problem with the the frequent usage of
> SlideTokenWrapper to have code executed outside the current transaction.
> Security code does this all the time. However, this only works
> because of flaws in all current XAResource implementations that match
> this bug. I wanted to fix this flaw to have the implementations more
> spec compliant. This is mandatory for the external transaction stuff I
> am currently working on.
>
> To avoid frequent usage of the SlideTokenWrapper to have code executed
> outside the current transaction I opt for removing constructor
>
>> public SlideTokenWrapper(SlideToken token, boolean forceStoreEnlistment)
>
>
> and only having
>
>> public SlideTokenWrapper(SlideToken token)
>
>
> This would of course require lots of changes in the code, but I would be
> willing to do so.
>
> If someone really knows what he does and wants code to be executed
> outside of the current transaction you could still call
> setForceStoreEnlistment after the ctor. This will for example be done in
> the check if a requested URI is a collection before a transaction is
> even started in the GET and POST methods.
>
> If I do not hear any objections I will do it the way described.
>
> Oliver
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: slide-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: slide-dev-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-dev-help@jakarta.apache.org