Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Modeling » EMF » [CDO] problem with authentication and durable lock id
[CDO] problem with authentication and durable lock id [message #1589206] Wed, 28 January 2015 09:48 Go to next message
Mickael LANOE is currently offline Mickael LANOEFriend
Messages: 1
Registered: October 2014
Junior Member
Hi,

I am facing a problem with two users using a CDO based application
(Sirius) with the same eclipse alternately.

The first user opens a session with his username, creates a transaction,
enables the durable lock id and saves it into a local file.
He acquires a read lock on an object and closes the session.

The second user also opens a session with another username and creates a
transaction with the previous durable lock id. Note that it is our
application (Sirius) that is automatically using the previous durable
lock id because it is saved locally.
We can see that the read lock is acquired by another but the second user
can also acquire a write lock on the same object.

I think we should verify that the user id stored in the LockArea is the
same as used in the session?

To prevent the creation of a transaction with a durable lock id that is
not owned by the current user, we could add this code in
org.eclipse.emf.cdo.internal.server.LockingManager.openView(ISession,
int, boolean, String):

LockArea area = getLockArea(durableLockingID);
if (StringUtil.compare(area.getUserID(), session.getUserID()) != 0)
{
throw new IllegalStateException("Durable owner does not match the
current user id");
}

But I not sure that this behavior is expected in all cases ?

Regards,
Re: [CDO] problem with authentication and durable lock id [message #1600532 is a reply to message #1589206] Wed, 04 February 2015 09:57 Go to previous message
Eike Stepper is currently offline Eike StepperFriend
Messages: 6445
Registered: July 2009
Senior Member
Hi Mickael,

This works as designed. The durable locking ID is a secret token that must either be kept private by the owning user or
the user must pass it on and accept that another user acts on his behalf.

Maybe you elaborate what your concrete problem is?

Cheers
/Eike

----
http://www.esc-net.de
http://thegordian.blogspot.com
http://twitter.com/eikestepper


Am 28.01.2015 um 10:48 schrieb Mickael LANOE:
> Hi,
>
> I am facing a problem with two users using a CDO based application
> (Sirius) with the same eclipse alternately.
>
> The first user opens a session with his username, creates a transaction,
> enables the durable lock id and saves it into a local file.
> He acquires a read lock on an object and closes the session.
>
> The second user also opens a session with another username and creates a
> transaction with the previous durable lock id. Note that it is our
> application (Sirius) that is automatically using the previous durable
> lock id because it is saved locally.
> We can see that the read lock is acquired by another but the second user
> can also acquire a write lock on the same object.
>
> I think we should verify that the user id stored in the LockArea is the
> same as used in the session?
>
> To prevent the creation of a transaction with a durable lock id that is
> not owned by the current user, we could add this code in
> org.eclipse.emf.cdo.internal.server.LockingManager.openView(ISession,
> int, boolean, String):
>
> LockArea area = getLockArea(durableLockingID);
> if (StringUtil.compare(area.getUserID(), session.getUserID()) != 0)
> {
> throw new IllegalStateException("Durable owner does not match the
> current user id");
> }
>
> But I not sure that this behavior is expected in all cases ?
>
> Regards,


Previous Topic:cannot add in watch points and duplicate task icons
Next Topic:EMF + RAP starts but does not show
Goto Forum:
  


Current Time: Sun Sep 22 12:31:04 GMT 2019

Powered by FUDForum. Page generated in 0.01913 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top