> > I can see the benefit in being stateless (SOAP and URLs are sort of
> > meant to be stateless after all). If state is important, then I think
> > it needs to be explicit. For example, allow a response to include
> > a session id (with a time to live value). Following requests are allowed
> > to include that session id.
> If we have (persistent) result set names, do we still need session ids?
Yes. Otherwise you could subvert other users' result sets as you don't
know who created it.
,'/:. Rob Sanderson ([log in to unmask])
,'--/::(@)::. Special Collections and Archives, extension 3142
,'---/::::::::::. Twin Cathedrals: telnet: liverpool.o-r-g.org 7777
____/:::::::::::::. WWW: http://liverpool.o-r-g.org:8000/
I L L U M I N A T I