perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Nachbaur <>
Subject RE: Apache::Session
Date Thu, 01 Jun 2000 20:13:29 GMT
Sorry, forgot to mention, that you can define the PerlTransHandler in only those directories
that you want sessions created for.


-----Original Message-----
From: Michael Nachbaur []
Sent: Thursday, June 01, 2000 1:08 PM
To: Niral Trivedi;
Subject: RE: Apache::Session

Well, from what I'm reading, it looks like you don't want it to create sessions for all images,
CSS, et al on the first page load, right?  Instead of deleting sessions that aren't used,
you could try just not serving sessions to documents that don't need 'em.

Like in my setup, I've put in a PerlTransHandler pointing to a custom perl module I've created:
PerlTransHandler  Apache::URISession

Then, in Apache::URISession, I've done the following:
package Apache::URISession;
 use strict;
 use Apache::Constants qw(:common);

 sub handler {
    my $r = shift;
    my $uri = $r->uri;
    my ($session) = $uri =~ m|/S([0-9a-f]{32})|;
    $uri =~ s|/S[0-9a-f]{32}||;
    my $filename = $r->document_root . $uri;

    $ENV{'SESSION_ID'} = $session if ( $session );
    print STDERR "SESSION: " . $session, "\n";
    print STDERR "URI    : " . $uri, "\n";
    $r->filename( $filename );
    return OK;


There might be another module that does this, but I wanted to embed the session key in the
URL.  So, in this example, it'll redirect the user to an address like this one:

It'll rip the session out, put it in ENV{SESSION_ID}, and continue processing.  I'm not sure
if I should be returning an OK there or not (I'm new to using handlers), but it does the job.

Also, keep in mind, I'm using the new Apache::Session which creates 32-character keys, which
is why I'm doing the pattern match check like {32}.


-----Original Message-----
From: Niral Trivedi []
Sent: Thursday, June 01, 2000 12:57 PM
Subject: Apache::Session


I need to clear myself on a small issue regarding Apache::Session.

As per my understanding, Apache::Session will store session information
in a backing store-either a flat file or in some database. And
everytime, request comes in, it will check for sessionID in backing
store and retrieve all information for that session. If request is new
than it will create new sessionID and also create an entry in backing

Now, only way to remove this information from backing store is to do
'tied(%session_hash)->delete', Am I right? I mean is there any way we
can remove these entries by setting 'time_out_interval' or something
like that?? 

Because if we do 'tied(%session_hash)->delete' then it will create new
session for every request... So, I was thinking of not doing
'tied->delete' but write a small cron script which runs at specified
interval and removes entry from backing store which are older than some

Because concept of 'time_out_interval' does exist in Apache JServ and
other application servers..

Any ideas, suggestions or pointers on this???

Thanks again..


View raw message