httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Sussman <>
Subject Re: An idea for state saving
Date Fri, 31 May 1996 12:01:41 GMT
> I suppose one could get even fancier and use mod_cookies and some sort
> of request hand off mechanism to try to match a user with their last
> accessed http daemon, but that would get pretty ugly.

What's really needed here is a reliable way to identify a session of
requests that works independant of cookie or keep-alive support.  Making
too many asusmptions will break things for some users.

In my shopping cart applications, I use a simple but effective method.
It involves post parsing HTML.  When it is not possible to make the 
client remember a session key via cookies, the session key is added
to URLs in the page as part of a query string.  The basic sequence of
events goes like this:

	1) Enforce entry into a specific set of pages (look for a session
	   key.  If it does not exist, redirect).
	   This is optional really, but it ensures that I can make the client
	   remember a key.

	2) When first on a valid entry page:
		a) issue a Set-Cookie command
		b) parse local URLs in the page and add on query string
		   session key info.
		c) set environment variables so that the key is available
		   to user processes.

	3) For any other page:
		a) Look for the session key in a cookie or query string
		b) set environment variables so that the key is available
		   to user processes.
		c) If the key was found only in the query string, parse
		   local URLs in this page and add the key as query information.

This works very well for me and I currently implement it as an Action
script.  Doing it this way is not terribly streamlined and I will 
implement it as a module as soon as it becomes possible to stack
the output of modules (I'm not quite brave enough to mess with the
buffer code yet).

Once you have a reliable session key, it is much easier to store intermediate
results on disk, in memory, in your database or wherever.


View raw message