On 8 June 2011 13:38, surajit ray <mr.surajit.ray at gmail.com> wrote:

> Hi Nina, Andreas,
>
> In the A&A workflow a token has a certain life time after which it
> becomes invalid. So if someone starts a task and provides a token for
> dataset access and upload - the access will work as it is done
> immediately and the token is valid, however the upload will fail as by
> that time the token would become invalid (as the task takes a long
> time). One way would be store the user credentials on the server
> (Maxtox) which I think is not the correct thing to do. The credentials
> should exists only in one secure place.
>

One solution could be to try to renew the token, while it is still valid.

Nina


> Another solution would be to have configurable lifetime for a token -
> but that would mean estimating the task completion time (which may be
> difficult if not impossible to do).
>
> A third method would be to store the result dataset locally, but that
> would compromise the data confidentiality in case the Maxtox server is
> compromised.
>
> What is the solution to this problem ?
>
> All in all I am finding it difficult to align the A&A requirements
> with our use case. Any help is appreciated ...
>
> Regards
> Surajit
> _______________________________________________
> Development mailing list
> Development at opentox.org
> http://www.opentox.org/mailman/listinfo/development
>