[news.eclipse.technology.ecf] Concerns about this simple chat

["John F. Patterson" <john_patterson@xxxxxxxxxx>]

I understand that the simple chat outlined here is really more or less a 
hello world example, but I would like to explore my understanding by 
rasing some concerns about it.

First, since the ID of the SharedObject is based on a well-known name, 
i.e., "chat" anyone who has permission to join the server.com container 
may join the chat.  How do we restrict the chat to a limited audience?  
One approach seems to be to create the chat object with a random name 
and do a sendCreate to those we wish to invite.  Does this sound right?  
Is there some way to prevent those I invite from expanding the 
membership by doing a sendCreate to others?

Second, there does not appear to be any way to know who has joined the 
chat.  Thus, anyone could lurk and others would be unaware of the 
presence.  Shouldn't it be possible to learn who has created the chat 
object, e.g., something analogous to the members list for the container?

Third, since the name associated with a chat entry is completely under 
the control of the user, anyone could contribute to the chat without 
ever revealing the login name associated with their access to 
server.com.  Do the messages arrive tagged by the authenticated name of 
the sender?  If so, why wouldn't we use that name in the chat transcript?

jfp
Scott Lewis wrote:

> Hi John,
>
> John F. Patterson wrote:
>
> > OK, I see where I messed up.  I mistook the names passed in to the 
> > Chat object as the idenitifiers, but they clearly are not the IDs.  
> > They are merely nicknames that are bundled into the sent object 
> > (actually Object array).  The ID for the objects is "chat" on both 
> > sides.  Presumably, everyone with access to the container who also 
> > creates the "chat" object. may use the sendObjectToRemote method and 
> > the chat will go to System.out.  Is this right?
>
>
> Yes indeed!
>
> Scott