You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@roller.apache.org by Allen Gilliland <Al...@Sun.COM> on 2006/02/20 21:43:11 UTC
keepalive.jsp
this looks like an old and unused session debugging tool, do we need to
keep it?
-- Allen
Re: keepalive.jsp
Posted by Matt Raible <mr...@gmail.com>.
Lance?
On 2/20/06, Allen Gilliland <Al...@sun.com> wrote:
> but is it still used? the only place I see it referenced is in
> WeblogEdit.jsp and it's commented out. i just checked and it's been
> commented out since before Roller 1.2 so it hasn't been used for quite a
> while.
>
> -- Allen
>
>
> On Mon, 2006-02-20 at 13:10, Matt Raible wrote:
> > Lance added this to keep the session alive while editing a blog. I
> > think it's important especially since Acegi doesn't hold request
> > parameters though a login.
> >
> > Matt
> >
> > On 2/20/06, Allen Gilliland <Al...@sun.com> wrote:
> > > this looks like an old and unused session debugging tool, do we need to
> > > keep it?
> > >
> > > -- Allen
> > >
> > >
> > >
>
>
Re: keepalive.jsp
Posted by Matt Raible <mr...@gmail.com>.
FWIW, I've been using Acegi on my site since 2.0 and haven't had any
lost posts. I regularly use the UI to post, as well as using a blog
editor. I suggest we *strongly* encourage our users to use tools like
MarsEdit, w.bloggar and Performancing for Firefox. These will
generally have a nicer and easier to use UI than we can produce - and
they all work with Roller!
Matt
On 2/21/06, Allen Gilliland <Al...@sun.com> wrote:
> I fully agree. Acegi should be able to maintain posted data through a
> login. The other reason to fix this in Acegi and not use the
> keepalive.jsp is that this situation is technically a problem on any
> form anywhere in the UI and we can't have the keepalive.jsp included in
> all of our forms.
>
> -- Allen
>
>
> On Tue, 2006-02-21 at 06:05, David M Johnson wrote:
> > I'd much rather fix the Acegi POST-through-auth problem than re-
> > introduce keep-alive. If we do it, we should make it optional so
> > security conscious installations can turn it off.
> >
> > - Dave
> >
> >
> >
> > On Feb 21, 2006, at 8:32 AM, Lance Lavandowska wrote:
> >
> > > Dave and I had a bit of a commit war, where he commented it out, I
> > > uncommented it, ....
> > >
> > > Eventually he won. I'm not certain, but I think his concerns were
> > > server load and/or that the iframe I was using was unattractive
> > > (though I did my best to make it look nice).
> > >
> > > My 2 bits, obviously, suggest putting it back in.
> > >
> > > Lance
> > >
> > > On 2/20/06, Allen Gilliland <Al...@sun.com> wrote:
> > >> but is it still used? the only place I see it referenced is in
> > >> WeblogEdit.jsp and it's commented out. i just checked and it's been
> > >> commented out since before Roller 1.2 so it hasn't been used for
> > >> quite a
> > >> while.
> > >>
> > >> -- Allen
> > >>
> > >>
> > >> On Mon, 2006-02-20 at 13:10, Matt Raible wrote:
> > >>> Lance added this to keep the session alive while editing a blog. I
> > >>> think it's important especially since Acegi doesn't hold request
> > >>> parameters though a login.
> > >>>
> > >>> Matt
> > >>>
> > >>> On 2/20/06, Allen Gilliland <Al...@sun.com> wrote:
> > >>>> this looks like an old and unused session debugging tool, do we
> > >>>> need to
> > >>>> keep it?
> > >>>>
> > >>>> -- Allen
> > >>>>
> > >>>>
> > >>>>
> > >>
> > >>
> >
>
>
Re: keepalive.jsp
Posted by Allen Gilliland <Al...@Sun.COM>.
I fully agree. Acegi should be able to maintain posted data through a
login. The other reason to fix this in Acegi and not use the
keepalive.jsp is that this situation is technically a problem on any
form anywhere in the UI and we can't have the keepalive.jsp included in
all of our forms.
-- Allen
On Tue, 2006-02-21 at 06:05, David M Johnson wrote:
> I'd much rather fix the Acegi POST-through-auth problem than re-
> introduce keep-alive. If we do it, we should make it optional so
> security conscious installations can turn it off.
>
> - Dave
>
>
>
> On Feb 21, 2006, at 8:32 AM, Lance Lavandowska wrote:
>
> > Dave and I had a bit of a commit war, where he commented it out, I
> > uncommented it, ....
> >
> > Eventually he won. I'm not certain, but I think his concerns were
> > server load and/or that the iframe I was using was unattractive
> > (though I did my best to make it look nice).
> >
> > My 2 bits, obviously, suggest putting it back in.
> >
> > Lance
> >
> > On 2/20/06, Allen Gilliland <Al...@sun.com> wrote:
> >> but is it still used? the only place I see it referenced is in
> >> WeblogEdit.jsp and it's commented out. i just checked and it's been
> >> commented out since before Roller 1.2 so it hasn't been used for
> >> quite a
> >> while.
> >>
> >> -- Allen
> >>
> >>
> >> On Mon, 2006-02-20 at 13:10, Matt Raible wrote:
> >>> Lance added this to keep the session alive while editing a blog. I
> >>> think it's important especially since Acegi doesn't hold request
> >>> parameters though a login.
> >>>
> >>> Matt
> >>>
> >>> On 2/20/06, Allen Gilliland <Al...@sun.com> wrote:
> >>>> this looks like an old and unused session debugging tool, do we
> >>>> need to
> >>>> keep it?
> >>>>
> >>>> -- Allen
> >>>>
> >>>>
> >>>>
> >>
> >>
>
Re: keepalive.jsp
Posted by David M Johnson <Da...@Sun.COM>.
I'd much rather fix the Acegi POST-through-auth problem than re-
introduce keep-alive. If we do it, we should make it optional so
security conscious installations can turn it off.
- Dave
On Feb 21, 2006, at 8:32 AM, Lance Lavandowska wrote:
> Dave and I had a bit of a commit war, where he commented it out, I
> uncommented it, ....
>
> Eventually he won. I'm not certain, but I think his concerns were
> server load and/or that the iframe I was using was unattractive
> (though I did my best to make it look nice).
>
> My 2 bits, obviously, suggest putting it back in.
>
> Lance
>
> On 2/20/06, Allen Gilliland <Al...@sun.com> wrote:
>> but is it still used? the only place I see it referenced is in
>> WeblogEdit.jsp and it's commented out. i just checked and it's been
>> commented out since before Roller 1.2 so it hasn't been used for
>> quite a
>> while.
>>
>> -- Allen
>>
>>
>> On Mon, 2006-02-20 at 13:10, Matt Raible wrote:
>>> Lance added this to keep the session alive while editing a blog. I
>>> think it's important especially since Acegi doesn't hold request
>>> parameters though a login.
>>>
>>> Matt
>>>
>>> On 2/20/06, Allen Gilliland <Al...@sun.com> wrote:
>>>> this looks like an old and unused session debugging tool, do we
>>>> need to
>>>> keep it?
>>>>
>>>> -- Allen
>>>>
>>>>
>>>>
>>
>>
Re: keepalive.jsp
Posted by Lance Lavandowska <la...@gmail.com>.
Dave and I had a bit of a commit war, where he commented it out, I
uncommented it, ....
Eventually he won. I'm not certain, but I think his concerns were
server load and/or that the iframe I was using was unattractive
(though I did my best to make it look nice).
My 2 bits, obviously, suggest putting it back in.
Lance
On 2/20/06, Allen Gilliland <Al...@sun.com> wrote:
> but is it still used? the only place I see it referenced is in
> WeblogEdit.jsp and it's commented out. i just checked and it's been
> commented out since before Roller 1.2 so it hasn't been used for quite a
> while.
>
> -- Allen
>
>
> On Mon, 2006-02-20 at 13:10, Matt Raible wrote:
> > Lance added this to keep the session alive while editing a blog. I
> > think it's important especially since Acegi doesn't hold request
> > parameters though a login.
> >
> > Matt
> >
> > On 2/20/06, Allen Gilliland <Al...@sun.com> wrote:
> > > this looks like an old and unused session debugging tool, do we need to
> > > keep it?
> > >
> > > -- Allen
> > >
> > >
> > >
>
>
Re: keepalive.jsp
Posted by "Matthew P. Schmidt" <ma...@javalobby.org>.
It may be important to put this back in then. At JRoller, I've seen
several people say that they were editing then left for a while and
their session had died. This could provide a fix.
-Matt
Allen Gilliland wrote:
>but is it still used? the only place I see it referenced is in
>WeblogEdit.jsp and it's commented out. i just checked and it's been
>commented out since before Roller 1.2 so it hasn't been used for quite a
>while.
>
>-- Allen
>
>
>On Mon, 2006-02-20 at 13:10, Matt Raible wrote:
>
>
>>Lance added this to keep the session alive while editing a blog. I
>>think it's important especially since Acegi doesn't hold request
>>parameters though a login.
>>
>>Matt
>>
>>On 2/20/06, Allen Gilliland <Al...@sun.com> wrote:
>>
>>
>>>this looks like an old and unused session debugging tool, do we need to
>>>keep it?
>>>
>>>-- Allen
>>>
>>>
>>>
>>>
>>>
>
>
>
Re: keepalive.jsp
Posted by Allen Gilliland <Al...@Sun.COM>.
but is it still used? the only place I see it referenced is in
WeblogEdit.jsp and it's commented out. i just checked and it's been
commented out since before Roller 1.2 so it hasn't been used for quite a
while.
-- Allen
On Mon, 2006-02-20 at 13:10, Matt Raible wrote:
> Lance added this to keep the session alive while editing a blog. I
> think it's important especially since Acegi doesn't hold request
> parameters though a login.
>
> Matt
>
> On 2/20/06, Allen Gilliland <Al...@sun.com> wrote:
> > this looks like an old and unused session debugging tool, do we need to
> > keep it?
> >
> > -- Allen
> >
> >
> >
Re: keepalive.jsp
Posted by Matt Raible <mr...@gmail.com>.
Lance added this to keep the session alive while editing a blog. I
think it's important especially since Acegi doesn't hold request
parameters though a login.
Matt
On 2/20/06, Allen Gilliland <Al...@sun.com> wrote:
> this looks like an old and unused session debugging tool, do we need to
> keep it?
>
> -- Allen
>
>
>