perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kruse, Matt" <MKr...@aquent.com>
Subject RE: Convert Cookies-->HTTP Request Headers?
Date Mon, 07 Apr 2003 02:09:11 GMT
>From: Brian Reichert
>Ok, I'm confused: the cookies are already in the request header,
>and you want to 'convert' them into a request header?

Well, yes. Two reasons:
1) In the real production environment, the cookie is encrypted and validated
against a database with each request. My app knows nothing about the cookie.
All it ever sees is the request headers.
2) I wanted to use a cookie simply because it's the easiest way to
dynamically control the contents of the headers to be sent, and the easiest
way I could think of that would work with a "login" page.

I assumed people would think it was an odd request, but it does make sense
:)

>From: Juha-Mikko Ahonen
>Why name NAME to HTTP_NAME? Or do you want the cookie content to appear
>in subprocess environment (which has similar naming convention), like
>other server variables?

Actually, this was an oversight, I'm used to CGI!!

>>   2. Writing some sample code :)
>package Your::SSOHandler;

Thank you! This is exactly the kind of example I needed. Will test ASAP, and
adjust to fit my specific needs. I'm quite familiar with Perl, it's mainly
the API's that I'm clueless about. Your code makes sense and at least points
me in exactly the right direction.

>For testing you could make the handler module stat and evaluate contents
>of an external Perl file. Put your code on the file to be evaluated,
>and avoid restarts.

True, that would work also, but it would still require modifying a file each
time. 
With this cookie solution, I can create a fake "login" page which will set
the appropriate cookies in javascript and also allow for simulating "logout"
by clearing the cookie.

Matt

Mime
View raw message