OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   Re: [xml-dev] Re: Cookies at XML Europe 2004 -- Call forParticipation

[ Lists Home | Date Index | Thread Index ]

>>>>> "Rich" == Rich Salz <rsalz@datapower.com> writes:

    Rich> Following REST principles, that information has to be sent
    Rich> every time the employee contacts the seller's website.  Is
    Rich> it scalable to require 3K overhead on every single
    Rich> transaction?

The actual overhead depends on your MTU size of course. If your MTU
size is 8KB, it wouldn't make much of a difference.

But I'm somewhat confused by what you try to say. Do you want to say
that without REST, you wouldn't have to sent this authentication? How
are requests identified and validated then? Only using a time-limited
small session key that you supply everytime?

With URL rewriting for example you can do that as well: just add the
session key to the url or so. I'm not sure if restarians would find
this acceptable, as the server still holds state in this case. But it
is just like a shopping cart: servers have to hold state if you POST,
and creating a session is just a POST.

But my head usually aches when discussing what is rest and what isn't
as it is usually a very nebulous area. Sorry if my points aren't coherent.

-- 
Regards,

Berend. (-:





 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS