This week's book giveaway is in the Design forum.
We're giving away four copies of Design for the Mind and have Victor S. Yocco on-line!
See this thread for details.
Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Lock container

 
Kumar Bhaskar
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

My assignment has the cookie version of the lock-unlock-update-delete methods.

So far I have a static WeakHashMap that stores record numbers as the keys and the cookies (long) as the values. Is this good?

I'm asking because I saw a posting that said cookies are only for security checks and should not be used to identify clients.

Thanks,
K D Bhaskar
[ June 16, 2004: Message edited by: Philippe Maquet ]
 
Philippe Maquet
Bartender
Posts: 1872
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Kumar,

To make the discussion easier, could you please give us the link to that thread?

Thank you,

Phil.
 
Kumar Bhaskar
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Phil,

Originally posted by Philippe Maquet:
Hi Kumar,

To make the discussion easier, could you please give us the link to that thread?

Thank you,

Phil.


Thread # 006857
You say:

Cookies uniquely identify locks granted, not clients, and play the role of a sort of "password" in update() / delete() / unlock().


Thanks
K D Bhaskar
 
Andrew Monkhouse
author and jackaroo
Marshal Commander
Pie
Posts: 11865
194
C++ Firefox Browser IntelliJ IDE Java Mac Oracle
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Kumar,

Phil is correct in thread 006857, in that using the lock cookie is not guaranteed to identify the client.

Some of the proposals in that thread for what to use as a lock cookie would make it very easy for any client to unlock a record for which they do not own the lock (e.g. if you used the record number as the cookie then it is trivial to unlock a record, likewise if you used an incremental number).

However, if you are using the Random class to generate the cookie, then you are going to get a random number somewhere between 9223372036854775807 and -9223372036854775808. It is no longer a trivial matter to determine a potential cookie for a lock you don't own (unless you use a constant seed for your random number).

So for all intents and purposes, if the same cookie is used in two subsequent calls, then you might want to assume that the same client is calling both methods. There is no guarantee that the same client is calling both methods, but it is a reasonable assumption.

If you want to guarantee that the client who locks the record is the only client who can then modify it or unlock it, then you will need to ignore the cookie as an identification mechanism, and look at an RMI Connection Factory or a Sockets based solution.

(Short answer: you might want to go with the assumption, and make a comment in your design decisions document about why you did not go for a more complex solution ).

Regards, Andrew
 
Kumar Bhaskar
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Andrew,

Thanks.

One more question. I've read postings here that talk about readme.txt. My instructions don't mention any readme file. They ask me to submit a userguide.txt for the database server and gui client.

So userguide.txt = readme.txt or should I submit a readme file too.

K D Bhaskar
 
Andrew Monkhouse
author and jackaroo
Marshal Commander
Pie
Posts: 11865
194
C++ Firefox Browser IntelliJ IDE Java Mac Oracle
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Kumar,

There are at many different assignments being worked on by different candidates. Some are so similar that it is difficult to work out what the differences are. And some are very obviously different. See the SCJD FAQ for more information about variants of assignments.

The "Fly By Night Services" assignment had a "readme.txt" file. The newer assignments have (I think) a "versions" file and a "choices" file which between them have much the same information. (The readme.txt file also described the file layout, but the new assignments tell you how you must layout your files, so this does not apply to you).

Bottom line: follow your instructions, not anyone else's. So don't bother trying to create a "readme.txt" file if your instructions don't require it.

Regards, Andrew
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic