I've pointed to the fact that its not a problem of activerecord but
the stubbornness of the camping session module (insisting on natural
primary key) that keeps it from working
--
Julian "Julik" Tarkhanov
On 29-jul-2008, at 17:13, "Bluebie, Jenna"
<[EMAIL PROTECTED]> wrote:
Also worth noting that camping includes it's own session support.
We're not using bits from rails for sessions except for ActiveRecord
itself, and then only if you're using active record sessions. You
might like to try the cookie sessions included in current Camping
2.0 builds (Magnus has more info on where you can grab those gems)
which doesn't depend on ActiveRecord, if your session data can fit
in under a couple of KB's. There's also an older though fully
functional implementation of cookie sessions on the wiki for 1.5 by
yours truly. :)
essentially it works by storing the @state hash in a cookie, and
digitally signing the data with an SHA hash of some sort, so while
the user can see what's in their session if they're determined
enough, they cannot tamper with it without knowing rather secret
details about your server environment. You can also provide a custom
key in your code for it to use for security bonus points. Without
the key, so long as SHA isn't ever broken, they won't be able to
tamper with the data without the server realizing and invalidating
the session, starting them afresh. :)
I really hope the ActiveRecord crew sort this out before we get too
close to releasing 2.0 officially! :)
_______________________________________________
Camping-list mailing list
Camping-list@rubyforge.org
http://rubyforge.org/mailman/listinfo/camping-list
_______________________________________________
Camping-list mailing list
Camping-list@rubyforge.org
http://rubyforge.org/mailman/listinfo/camping-list
