Dmitry Beransky wrote:
>
> I've been going through the code of Apache::Session trying to understand
> how it works and how to use it when it occurred to me that the module
> doesn't really measure up to it's name. I mean IMHO, the name is a bit
> misleading.
>
> First. It looks like the module's code is completely self-contained and
> doesn't depend on anything Apache. If my observations are true, why is it
> in the Apache hierarchy (except possibly for historical reasons)?
Yes, the name is purely historical. In reality, Apache::Session is a
persistence framework with multiple interchangable backing stores. You
still need to build your session management logic around it.
I tried to implement actual session management in the original 0.1x
Apache::Session series, but it was unworkable. Some people wanted
expiration, some people didn't. Some wanted cookies, others wanted
extended path information. I found it much more pleasing to simply
implement the part that everyone needed (storage management) and leave
the twidly little details up to the programmer.
If you want an environment that gives you session handling for free,
check out one of the many nice mod_perl toolkits, such as Embperl,
Apache::ASP, and HTML::Mason (?). Embperl makes use of Apache::Session,
but I don't know what implementation the others use.
> Second. It doesn't really manage sessions. It provides implementations
> for different models of persistent storage (memory, FS, DB, etc.). A
> complete Apache-based session managing mechanism (with session
> initialization, destruction, auto-expiration, etc.) still has to be coded
> on top of it.
>
> Any comments? Shouldn't it be renamed?
Possibly, but I don't know what the mechanics of moving a module are,
and I can't think of a good name anyway. Perhaps Persistent::Hash?
> Regards
> Dmitry Beransky
-jwb
--
Jeffrey W. Baker * [EMAIL PROTECTED]
Critical Path, Inc. * we handle the world's email * www.cp.net
415.808.8807
