Re: HTTP based async request-response from Rich Salz on 2005-02-03 (public-ws-async-tf@w3.org from February 2005)

From: Rich Salz <rsalz@datapower.com>
Date: Wed, 2 Feb 2005 22:30:39 -0500 (EST)
To: Marc Hadley <Marc.Hadley@Sun.COM>
cc: "public-ws-async-tf@w3.org" <public-ws-async-tf@w3.org>
Message-ID: <Pine.LNX.4.44L0.0502022224520.5094-100000@smtp.datapower.com>

>  Basically the request is sent as normal as the entity body
> of a HTTP POST request but instead of returning the response in the
> HTTP entity body, the server responds with a 303 (See other) status
> code and includes a Location header that gives a URI from which the
> response can be retrieved. The client then uses a new HTTP GET request
> to retrieve the response.

How can I be sure that the client doing the "new GET" is in fact the same
as the first client who did the original POST?
        /r$
-- 
Rich Salz                  Chief Security Architect
DataPower Technology       http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
XML Security Overview      http://www.datapower.com/xmldev/xmlsecurity.html

Received on Thursday, 3 February 2005 03:30:43 UTC