Hello, finally I've been able to make session sharing (the realm thing) to work
both when cookies are enabled and when they are disabled with url-rewriting.

The behavior in url-rewriting is that, when switching from realm1 to realm2 the session is reset in realm2:
this means
(setf *session* nil) and (setf (session request) nil).

So this will make to create a new session for realm2 but it will maintain the session for realm1.
Navigating inside the same realm maintains the session.

I need the realm behavior for my project (renamed to claw Common Lisp Action Web) that hopefully will be soon delivered on common-lisp.net

The actual samples are built against claw, that uses the modified(patched) version of hunchentoot v.0.15.0 .

I can add samples in hunchentoot test file too, and send the patched version (is there a svn/cvs version around?), or if you prefer I can give the huncentoot-overrides.lisp file that
contains modifications.

Please let me know, because I need these info to proceed with my project.

Have a nice day,
Andrea Chiumenti


On Jan 14, 2008 4:10 PM, Andrea Chiumenti < kiuma72@gmail.com> wrote:
Option 4) if no session cookie handling, then realm is ignored (maybe this is the most correct)


On Jan 14, 2008 3:33 PM, Andrea Chiumenti <kiuma72@gmail.com > wrote:
Edi,
I've been able to make it work with url-rewriting, but I don't know how rewriting should behave when referencing other realms.
options are
1) append the sessionid for realm1 even to realm2 related resources (not very correct).
2) append nothing if resources belong to realm 2. (correct and easy), but when navigate from realm1 to realm2 you'll loose the session if cookies are disabled.
3) handle a sort of parent session that holds all sessions in realms, and then handle the url rewriting... (this requires more work)

kiuma


On Jan 14, 2008 1:24 PM, Andrea Chiumenti <kiuma72@gmail.com> wrote:
Edi,
As a Murphi Law confirmation, session handling with session encoded into request doesn't work :/, I'm working on it.
Modifications are of course backward compatible!

The importance on separate sessions depends only on how a person want to use hunchentoot, it has sense only if someone want to use hunchentoot as an application server so having sessions bound
do 'deployed' applications.

I'll make the realm patch work very soon,
cu,

kiuma


On Jan 14, 2008 8:52 AM, Edi Weitz < edi@agharta.de > wrote:
On Wed, 9 Jan 2008 11:27:21 +0100, "Andrea Chiumenti" < kiuma72@gmail.com> wrote:

> I've no idea on how to do with cookies disabled, because I'm
> relatively new to Hunchentoot

Well, as I already said, I currently don't have the time to do this,
and I don't think it's a very important feature.  So, you'll either
have to send a complete and fully-tested patch that's
backwards-compatible or you'll have to wait until I get around to do
it myself.

Cheers,
Edi.
_______________________________________________
tbnl-devel site list
tbnl-devel@common-lisp.net
http://common-lisp.net/mailman/listinfo/tbnl-devel