perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Peters <mpet...@plusthree.com>
Subject Re: mod_auth_tkt [was: 32 & 64 bit memory differences]
Date Tue, 06 Nov 2007 20:55:07 GMT
Carl Johnstone wrote:
> Michael Peters wrote:
>> mod_auth_tkt. You can set the authorization ticket with mod_perl and
>> then just
>> let mod_auth_tkt handle it on the non-mod_perl apache. It's extremely
>> light
>> weight and really fast.
>>   
> Got this on my "to implement soon" list - any tips/caveats?

The only problem I've ever had was that you can configure mod_auth_tkt to
refresh the auth tkt cookie so session timeouts are fixed, but rather based on
the last activity of the person. This sounds like a really good idea unless you
have a caching proxy in front of things. This is because if mod_auth_tkt decides
to refresh a cookie on say a CSS file and then the proxy caches that it will
also cache the cookie header. And anyone who then requests that file later from
the proxy's cache will suddenly get someone else's auth tkt. Very strange
behavior ensues.

-- 
Michael Peters
Developer
Plus Three, LP


Mime
View raw message