[AWS] Cookie again

David Marceau davidmarceau@sympatico.ca
Fri, 22 Nov 2002 13:38:05 -0500 

Michal Morawski wrote:
> 
> The reason of such solution is the following:
> 
> I have designed a rather sophisticated web server to take exam by students.
> However some other topics (taking a results, printing reports to dean, etc.)
> are under control of Apache.
> 
> Then after authenticating the student and after make sure the exam is
> opened, the Apache redirects student to my server but it is required some
> safety checking.
> 
> I think, the correct result may be obtained by generating random number in
> the php script on Apache, then sending the string as a cookie to client AND
> posting as a parameter the same string when redirecting client to exam
> server.
> 
> The same solutuion (but in reverse direction) should be used when storing
> results of the exam in the Apache database.
> 
> All numbers is used only once, so safety is under control (playback is
> locked on the server internally).
> 
> But maybe someone knows another solution of the problem?
> 
> Sincerely
> 
> Michal
> 
> _______________________________________________
> AWS mailing list
> AWS@lists.act-europe.fr
> http://lists.act-europe.fr/mailman/listinfo/aws
IMHO your technical solution lies out of AWS subject matter for the
following reasons:
1)Ok you wish to clarify behaviour requirements for your system design
2)If I understand correctly you have a portal served up by an apache
server in some university/college/high school...
3)When a student wants to write an exam via his web browser he goes to
the apache portal page and clicks somewhere which redirects him to the
aws server
4.1)IMHO if the exam was held on the aws server, the exam could be an
html input form, in which case any information filled out could be
submitted back directly to the apache server instead of aws.
4.2)IMHO if the exam was held on the aws server, the exam could be a
java applet running in the web browser that downloaded from the aws
server.  In that case again the answers could be submitted back directly
to the apache server.
4.3)In either case, the role of what your cookie was containing could be
sent with other means i.e. html form input submit or java tcp/ip
connection, etc...

I'm sorry I'm not solving your problem but I hope I am clarifying your
problem or your system requirements/behaviour.  If I were you I would
draw a few UML collaboration diagrams or sequence diagrams and talk to
some other coders to see what they think.  IMHO talking with pictures is
much easier.
That way other people can scribble in their perceptions of how the
system could behave and where/when exactly too.

As it stands the more information you give me, the more I am convinced
the cookie mechanism is not necessarily the only way or the best way to
achieve what you want to happen.

Thanks for listening :)