Sean Abrahams
sa at sfsu.edu
Mon Aug 5 09:38:58 EST 2002
I currently find myself having to create a web application using session management (without cookies). I know there has been some discussion in the past about adding a session handler to mod_python, but I was hoping to get some help or get pointed in some directions for my development. I've heard that Apache 2.x has a shared memory space? I'm assuming session data can be temporarily stored there for quick creation, access, destruction? I'm new to mod_python and apache handlers, so I'm currently going through some learning curves. Anyone willing to share their session development experience? Here's my base idea (comments encouraged!): 1. I'll have a base directory that requires authorization (/var/www/apps) which is accessed via the web at htts://foo.bar/apps 2. Any URL pointing to /var/www/apps and its subdirectories will be handled by a central login script. It will store the initial URL the user hit, so it can output the user to where he/she wished to go after authorization. Thus, I can give people a direct link to an application that's located somewhere inside /var/www/apps and it will prompt them with the universal HTML login screen, then take them back to the URL they originally entered. 3. When they login, their user/pass will be checked against a database, with a positive ID creating a session. Throughout the session, I can add/remove/modify data stored in the session data, between pages, etc. (I'm not sure if it's fastest to store session data in the file system or a DB, but I'm assuming being able to store it in the system RAM would be most ideal. This is where the Apache 2.x share memory comes in?) 4. Session ends when user clicks "logout", leaves my domain, or closes the browser. Thus, if the user leaves the domain, then hits back in their browser, he/she will get a "user authentication required" error, or something similar. I'm definitely excited about putting this together, just a little disappointed in not being able to find a guide that helps me do this. Thus, as a side effect to my development of this, and the help I receive from this list, I will write and publish a guide detailing how to create this functionality, providing the source code as well. Thank you! Sean
|