[hunchentoot-devel] Sessions for realm aware Realm
Hello, I've created a small example of how the changes I've applied to hunchentoot manage session for realm awareness. To keep things clear I've only used cl-who, that nearly everyone knows here. The test comes with its usual asd file. To run the test, just run: CL-USER> (asdf:operate 'asdf:load-op :new-session) CL-USER> (new-session:start-test) and follow "http://localhost:4242/new-session/index.html" on your browser. Try it with cookies enabled and disabled, with *rewrite-for-session-urls* set to T and nil. Let me know, kiuma
Hi Andrea, if I understand your source code right, what you need is a realm argument to START-SESSION that makes it possible to have multiple sessions on one Hunchentoot server. Correct? Thanks, Hans On 4/12/08, Andrea Chiumenti <kiuma72@gmail.com> wrote:
Hello, I've created a small example of how the changes I've applied to hunchentoot manage session for realm awareness. To keep things clear I've only used cl-who, that nearly everyone knows here. The test comes with its usual asd file. To run the test, just run:
CL-USER> (asdf:operate 'asdf:load-op :new-session)
CL-USER> (new-session:start-test)
and follow "http://localhost:4242/new-session/index.html" on your browser.
Try it with cookies enabled and disabled, with *rewrite-for-session-urls* set to T and nil.
Let me know,
kiuma
_______________________________________________ tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel
On 4/12/08, Hans Hübner <hans@huebner.org> wrote:
if I understand your source code right, what you need is a realm argument to START-SESSION that makes it possible to have multiple sessions on one Hunchentoot server. Correct?
Well, I realised that my description of the feature is not quite right, another try: You want to have the option to use multiple sessions within one request, qualified by a realm argument. Or what? It would really help if you would describe your requirements yourself instead of letting us guess from your example source code. -Hans
Not completely correct. Suppose we want to "deploy" two applications in the same hunchentoot server instance. First, since they are two applications, they must have their own cookie each one. Now we have two options: 1) let them to share the same session data, then bind the two applications to the same realm, 2) make the two applications completely independents, then bind them to two different realms. So, 1 request to only 1 session and one session may be shared or not. kiuma On Sat, Apr 12, 2008 at 1:17 PM, Hans Hübner <hans@huebner.org> wrote:
On 4/12/08, Hans Hübner <hans@huebner.org> wrote:
if I understand your source code right, what you need is a realm argument to START-SESSION that makes it possible to have multiple sessions on one Hunchentoot server. Correct?
Well, I realised that my description of the feature is not quite right, another try: You want to have the option to use multiple sessions within one request, qualified by a realm argument. Or what? It would really help if you would describe your requirements yourself instead of letting us guess from your example source code.
-Hans
_______________________________________________ tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel
Can we get away with extending START-SESSION by a realm argument that is added to or used instead of the *SESSION-COOKIE-NAME* to determine the cookie name or session id parameter? -Hans On 4/12/08, Andrea Chiumenti <kiuma72@gmail.com> wrote:
Not completely correct.
Suppose we want to "deploy" two applications in the same hunchentoot server instance. First, since they are two applications, they must have their own cookie each one.
Now we have two options: 1) let them to share the same session data, then bind the two applications to the same realm, 2) make the two applications completely independents, then bind them to two different realms.
So, 1 request to only 1 session and one session may be shared or not.
kiuma
On Sat, Apr 12, 2008 at 1:17 PM, Hans Hübner <hans@huebner.org> wrote:
On 4/12/08, Hans Hübner <hans@huebner.org> wrote:
if I understand your source code right, what you need is a realm argument to START-SESSION that makes it possible to have multiple sessions on one Hunchentoot server. Correct?
Well, I realised that my description of the feature is not quite right, another try: You want to have the option to use multiple sessions within one request, qualified by a realm argument. Or what? It would really help if you would describe your requirements yourself instead of letting us guess from your example source code.
-Hans
_______________________________________________ tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel
_______________________________________________ tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel
cookies must be bound to a specific address (I might even proxify two applications on different address names (host1 and host2). Obviously we have to keep [cookie<--(n..1)--->realm], so that a user can eliminate cookies for specific applications (I use tons of tabs with my FF browser). In short I think that cookies must be bound to addresses(path) and must not stay only in "/" for a greater flexibility. And this extension should not change the default behaviour kiuma On Sat, Apr 12, 2008 at 6:28 PM, Hans Hübner <hans@huebner.org> wrote:
Can we get away with extending START-SESSION by a realm argument that is added to or used instead of the *SESSION-COOKIE-NAME* to determine the cookie name or session id parameter?
-Hans
On 4/12/08, Andrea Chiumenti <kiuma72@gmail.com> wrote:
Not completely correct.
Suppose we want to "deploy" two applications in the same hunchentoot server instance. First, since they are two applications, they must have their own cookie each one.
Now we have two options: 1) let them to share the same session data, then bind the two applications to the same realm, 2) make the two applications completely independents, then bind them to two different realms.
So, 1 request to only 1 session and one session may be shared or not.
kiuma
On Sat, Apr 12, 2008 at 1:17 PM, Hans Hübner <hans@huebner.org> wrote:
On 4/12/08, Hans Hübner <hans@huebner.org> wrote:
if I understand your source code right, what you need is a realm argument to START-SESSION that makes it possible to have multiple sessions on one Hunchentoot server. Correct?
Well, I realised that my description of the feature is not quite right, another try: You want to have the option to use multiple sessions within one request, qualified by a realm argument. Or what? It would really help if you would describe your requirements yourself instead of letting us guess from your example source code.
-Hans
_______________________________________________ tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel
_______________________________________________ tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel
_______________________________________________ tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel
participants (2)
-
Andrea Chiumenti -
Hans Hübner