Mailing-List: contact modperl-help@perl.apache.org; run by ezmlm
Precedence: bulk
Received-SPF: pass (asf.osuosl.org: domain of yperl@club-internet.fr
 designates 194.158.104.39 as permitted sender)
Message-ID: <44172EFC.1090506@club-internet.fr>
Date: Tue, 14 Mar 2006 22:00:44 +0100
From: yperl <yperl@club-internet.fr>
User-Agent: Thunderbird 1.5 (X11/20051201)
MIME-Version: 1.0
To: Geoffrey Young <geoff@modperlcookbook.org>
Cc: modperl@perl.apache.org
Subject: Re: APR::* + PerlResponseHandler + Reading Cookie
References: <mnet1.1142358275.8591.yperl@club-internet.fr>
 <44171C3E.2050109@modperlcookbook.org> <4417264A.8070404@club-internet.fr>
 <441728E0.1090202@modperlcookbook.org>
In-Reply-To: <441728E0.1090202@modperlcookbook.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit

Reinveting the wheel its in my nature to understand things  :-)

Hope that all anwsers are in chapter 13 (good number).

Thanks Geoffrey for all this explanations.

cheers
Younes


Geoffrey Young a �crit :
> in the future please keep responses on list :)
>
> yperl wrote:
>   
>> Geoffrey Young a �crit :
>>
>>     
>>> I find myself wondering if you're trying to set the cookie in one
>>> phase and
>>> read it from the PerlResponseHandler _during the same request_?
>>>   
>>>       
>> Yes. Is that usage not recommended?
>> Nothing in the doc is against that.
>>     
>
> it wouldn't be in the docs - it's the nature of the HTTP protocol and how
> cookies interact with it.
>
>   
>> I'm creating the cookie in a PerlAccessHandler and reading it from
>> a PerlResponseHandler, in the same request.
>>     
>
> nope, can't do that :)
>
> it works like this...
>
> your access handler will set the Set-Cookie header, which goes to the
> client.  when you try to read the cookie in from your PerlResponseHandler
> you aren't at the client yet, so there's no cookie to read back in yet - the
> client has yet to receive your cookie :)
>
> on the _next_ request the client will sent the Cookie header with its
> request and then you'll be able to glean it in your application.
>
> [lots of stuff snipped]
>
>   
>> GET http://coro/gdlweb/resolver
>> User-Agent: lwp-request/2.07
>>
>> GET
>> http://coro/gdlweb/resolver?utilisateur=sara&motdepasse=sara&target=accueil
>> --> 200 OK
>> Connection: close
>> Date: Tue, 14 Mar 2006 20:15:47 GMT
>> Server: Apache/2.2.0 (Unix) GDLWeb-BnF/0.3 mod_ssl/2.2.0 OpenSSL/0.9.7i
>> DAV/2 mod_apreq2-20051231/2.5.7 mod_perl/2.0.3-dev Perl/v5.8.8
>> Content-Length: 0
>> Content-Type: text/plain
>> Client-Date: Tue, 14 Mar 2006 20:15:47 GMT
>> Client-Peer: 192.168.1.3:80
>> Client-Response-Num: 1
>> Set-Cookie: foo=1142367347; path=/
>>     
>
> yup, there  it is.
>
>   
>> * Apache output:
>>
>> [Tue Mar 14 21:10:33 2006] [error] access to /gdlweb/resolver failed for
>> 192.168.1.3, reason: >>> cookie: none
>>
>> [Tue Mar 14 21:10:33 2006] [error] access to /gdlweb/resolver failed for
>> 192.168.1.3, reason: >>> JAR: $VAR1 = 'GET /gdlweb/resolver
>> HTTP/1.1\nTE: deflate,gzip;q=0.3\nConnection: TE, close\nHost:
>> coro\nUser-Agent: lwp-request/2.07\n\nHTTP/1.1 (null)\nSet-Cookie:
>> foo=1142367347; path=/\n\n';\n
>>
>>
>>
>> We can easily see that the dumped object $r contains the cookie named
>> "foo".
>>     
>
> no it doesn't.  it has the Set-Cookie header it it, which is different from
> the Cookie header the client will send you it has successfully registered a
> cookie for your domain.
>
> but really, it sounds like you're trying to reinvent the wheel a bit - take
> a look at Apache::AuthCookie on CPAN for cookie-based authentication.  and
> while you can find the nuances of cookies lots of places on the web, you
> might find this a useful read as well, as there are lots of interesting
> things you can do with cookies and authentication in general with mod_perl.
>
>   http://www.modperlcookbook.org/chapters/ch13.pdf
>
> HTH
>
> --Geoff
>
>