Re: [RFC] Apache::SessionManager

Fri, 02 Aug 2002 09:08:55 -0700 

On Fri, 02 Aug 2002 11:33:15 -0400
Perrin Harkins <[EMAIL PROTECTED]> wrote:

> Enrico Sorcinelli wrote:
> > Apache::SessionManager creates an object session (in Header parsing phase, 
> > but not obligatorily) and make it available to all other handlers 
> > transparently by putting in pnotes. Others handlers can retrieve session
> > directly from pnotes or by calling the simple function 
> > Apache::SessionManager::get_session($r)
> 
> It would be better if you don't instantiate the session until someone 
> asks for it the first time.  
>That will prevent unnecessary work.  Also, 
> when using Apache::Session with any locking module except NullLocker, 
> it's very important to have the session object exist for the shortest 
> possible time because it is locking out all other access to that session 
> while it exists.  (For this reason, it's also very important to make 
> sure that requests for images and other static objects don't instantiate 
> Apache::Session objects.)
> 

With Apache::SessionManager you can use tree distinct mechanism to prevent
this:
        1) By activating the module only certain Location or Directory block:

        <Location /with-session>
                PerlHeaderParserHandler Apache::SessionManager
                PerlSetVar SessionTracking On
        </Location>

        2) By setting 'SessionItemExclude' directive to bypass all request
           matching the regexp. For example with:
 
                PerlSetVar SessionItemExclude "\.m.*$"

           all the request (URI) ending by ".mpeg", ".mpg" or ".mp3" will
           be declined (no session object are created)

        3) By de-activating the module in Location or Directory block:

        <Location /with-no-session>
                PerlSetVar SessionTracking Off
        </Location>


> Some of the Apache::Auth* modules like Apache::AuthCookieURL are close, 
> but I don't know of any that do the actual glue with Apache::Session. 
> You might want to look at some of the existing modules and see if a 
> merge of some kind is possible.
> 

This modules haven't glue with Apache::Session

The only way that I know to have a session framework is to use mod_perl 
application server like AxKit, HTML::Mason or Apache::ASP ...

I've written Apache::SessionManager to be used _also_ in a mod_perl handlers 
or in a CGI script over Registry.

Thanks for your interest

        - Enrico





=================================
Enrico Sorcinelli - Gruppo E-Comm 
Italia On Line S.p.a.
Via Malagoli, 12 - 56124 Pisa
Tel. +39 050 944303
E-Mail: [EMAIL PROTECTED]
================================

Reply via email to