We encountered just this situation when we started to move from a win32 application connecting to an RDBMS to a web based app. On the win32 app, the DB authenticated each user with a loginid/pw. Since some users still use the win32 app, we can't just abandon the DB authentication, so here's what we did:
Since the web users generaly login to the site once a day and then work for awhile, (we keep the login associated to a session cookie in the DB), we run the login script as a CGI, test the loginid/passwd in a connect, store the session info, then issue a redirect. All of the other pages use Apache::DBI with a "web-user" DB login. This allows us take advantage of the persistent connections for most of the requests. One trick here, if you're using the DB to enforce business rules based on the login, then you'll have to encorporate those rules into your mod_perl programs -- effectively giving the "web-user" the power to do whatever any of the users might need to. Fortunately, we were able to do this fairly easily. I'm open to opinions on this approach. Eric Frazier wrote: > Hi, > > I was all happy and rolling along when I read this in the docs. > > "With this limitation in mind, there are scenarios, where > the usage of Apache::DBI is depreciated. Think about a > heavy loaded Web-site where every user connects to the > database with a unique userid. Every server would create > many database handles each of which spawning a new backend > process. In a short time this would kill the web server." > > I will have many different users, users as in database users. So am I just > screwed and won't be able to keep connections open? > Or maybe the idea would be to go ahead and let that happen, but timeout the > connection in 5 mintues or so? That way I wouldn't have open connectoins > from user bob from 5 hours ago still siting around. Or am I totaly not > getting it at all? > > I am using Postgress, I am wondering how big DBs deal with this sort of > thing. I am also wondering what the actual overhead is in starting the > connection and if there is anything that I could to to limit that without > validating a specific user. > > Last of all, I might not be posting this to the right place, but I hope so. > It seems to me there is a grey area when it comes to Apache modules when you > are using them with mod_perl. Or else I just don't know enough yet to see > there is not a grey area :) > > Thanks, > > > Eric > > http://www.kwinternet.com/eric > (250) 655 - 9513 (PST Time Zone) > > > > > -- ---------------------------------------------------- Kevin Berggren 760-480-1828 System Maker, Inc 3913 Sierra Linda Dr. Escondido, CA 92025
