Session ID
4 views
Skip to first unread message
sha...@vt.edu
Mar 26, 2025, 3:23:21 PMMar 26
to SPLICE Smart Learning Content Protocol
Cay -- Raising a topic related to, but an evolution from, the discussion on controlling who can request an exercise.
Talking with Steve today, we came to the conclusion that it would be a good idea for the SPLICE protocol to explicitly adopt support for having the server issue some sort of session ID to the client, who would then refer to that session ID for all future associated traffic. This would subsume the issue of controlling who has access (if the server doesn't like you, it can just not give you an ID that it recognizes, and then not accept future communications that don't have a valid ID).
But more generally, it lets the server keep track of all incoming events and other traffic associated with a particular session (use) of a particular exercise.
What do you think of this idea?
-- Cliff
Cay Horstmann
Mar 30, 2025, 10:48:48 AMMar 30
to splice-smart-learni...@googlegroups.com
Hi, I am not sure I understand how such a session ID is used.
If the smart learning element (the one inside the iframe) does not talk to a third party, then there is no need for a session ID. The embedding page can already track the source of any postMessage messages that it receives.
I could potentially see a utility if there is a third party server that the smart learning element contacts.
embedding page
embedded iframe --------------> third party server
Is that the scenario of interest? Who will consume the session ID? It's really only useful if the third party server contacts the server that generated the embedding page.
Right now the spec provides for
user_id: an optional unique and opaque user ID,
context_id: an optional unique and opaque ID of the context
(such as a course assignment or ebook section)
Is that not enough? We can add an optional session_id to the getState response.
Keep in mind that the server can send anything to the client in the getState response. The only value of adding session_id to the spec is to reserve that name.
Cheers,
Cay
Il 26/03/25 20:23, sha...@vt.edu ha scritto:
> --
> You received this message because you are subscribed to the Google Groups "SPLICE Smart Learning Content Protocol" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to splice-smart-learning-con...@googlegroups.com <mailto:splice-smart-learning-con...@googlegroups.com>.
> To view this discussion visit https://groups.google.com/d/msgid/splice-smart-learning-content-protocol/cbd25dfe-0674-47b0-899b-2f23ca3fba15n%40googlegroups.com <https://groups.google.com/d/msgid/splice-smart-learning-content-protocol/cbd25dfe-0674-47b0-899b-2f23ca3fba15n%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout <https://groups.google.com/d/optout>.
--
Cay S. Horstmann | https://horstmann.com
If the smart learning element (the one inside the iframe) does not talk to a third party, then there is no need for a session ID. The embedding page can already track the source of any postMessage messages that it receives.
I could potentially see a utility if there is a third party server that the smart learning element contacts.
embedding page
embedded iframe --------------> third party server
Is that the scenario of interest? Who will consume the session ID? It's really only useful if the third party server contacts the server that generated the embedding page.
Right now the spec provides for
user_id: an optional unique and opaque user ID,
context_id: an optional unique and opaque ID of the context
(such as a course assignment or ebook section)
Is that not enough? We can add an optional session_id to the getState response.
Keep in mind that the server can send anything to the client in the getState response. The only value of adding session_id to the spec is to reserve that name.
Cheers,
Cay
Il 26/03/25 20:23, sha...@vt.edu ha scritto:
> You received this message because you are subscribed to the Google Groups "SPLICE Smart Learning Content Protocol" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to splice-smart-learning-con...@googlegroups.com <mailto:splice-smart-learning-con...@googlegroups.com>.
> To view this discussion visit https://groups.google.com/d/msgid/splice-smart-learning-content-protocol/cbd25dfe-0674-47b0-899b-2f23ca3fba15n%40googlegroups.com <https://groups.google.com/d/msgid/splice-smart-learning-content-protocol/cbd25dfe-0674-47b0-899b-2f23ca3fba15n%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout <https://groups.google.com/d/optout>.
--
Cay S. Horstmann | https://horstmann.com
Reply all
Reply to author
Forward
0 new messages