[Info-vax] First ship poll: When will the first native x86-64 compilers ship ?
Arne Vajhøj
arne at vajhoej.dk
Sun Apr 17 13:13:13 EDT 2022
On 4/16/2022 11:36 PM, Richard Maher wrote:
> *** On "performance" note that Tier3's socket multiplexing via JAVA
> Applet STATIC variables predated HTTP 1.1 and Google's multiplexing.
I suspect that you mean HTTP/2 not 1.1.
> But everyone agrees *no one* would start today with HTTP as the
> client/server middleware protocol of choice! It just happened and we are
> where we are.
:-)
> When it comes to RESTful the main problem is sessions, by definition,
> are out of scope. Then you get your regular Java wankers telling you
> JWTs are the answer except they're a huge security and performance risk.
> But they are popular 'cos all the session data is in the JWT cookie but
> can't be cancelled and leads to same cognoscente deciding to revalidate
> every 10secs :-(
>
> Which delivers us nicely to FIDO2 passwordless(ish) authentication.
REST is by definition stateless. But auth & auth is obviously still
needed. And there are various ways of handling that.
I do not have strong feelings pro or con JWT.
> But that's just authentication, what about authorization? Well that's
> where VMS has to support REDis cache, or whatever Oracle has.
VMS applications should be able to talk to use Redis if the necessary
client libraries are available.
There are different C libraries available - I have no idea whether
f.ex. hiredis build on VMS.
VMS PHP comes with Redis support per documentation.
The standard Python Redis client should work with VMS Python.
There are different Java libraries available but they are
pure Java so they should work with VMS Java.
Arne
More information about the Info-vax
mailing list