Hi Andreas,

On 9 June 2011 01:41, Nina Jeliazkova <jeliazkova.nina at gmail.com> wrote:
> On 8 June 2011 13:38, surajit ray <mr.surajit.ray at gmail.com> wrote:
>
>> Hi Nina, Andreas,
>>
>> In the A&A workflow a token has a certain life time after which it
>> becomes invalid. So if someone starts a task and provides a token for
>> dataset access and upload - the access will work as it is done
>> immediately and the token is valid, however the upload will fail as by
>> that time the token would become invalid (as the task takes a long
>> time). One way would be store the user credentials on the server
>> (Maxtox) which I think is not the correct thing to do. The credentials
>> should exists only in one secure place.
>>
>
> One solution could be to try to renew the token, while it is still valid.
>

Whats the mechanism to renew tokens ?

> Nina
>
>
>> Another solution would be to have configurable lifetime for a token -
>> but that would mean estimating the task completion time (which may be
>> difficult if not impossible to do).
>>
>> A third method would be to store the result dataset locally, but that
>> would compromise the data confidentiality in case the Maxtox server is
>> compromised.
>>
>> What is the solution to this problem ?
>>
>> All in all I am finding it difficult to align the A&A requirements
>> with our use case. Any help is appreciated ...
>>
>> Regards
>> Surajit
>> _______________________________________________
>> Development mailing list
>> Development at opentox.org
>> http://www.opentox.org/mailman/listinfo/development
>>
> _______________________________________________
> Development mailing list
> Development at opentox.org
> http://www.opentox.org/mailman/listinfo/development
>

regds
Surajit