perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "titetluc titetluc" <>
Subject [MP2][QUESTION]Session and inactivity
Date Wed, 06 Feb 2008 11:14:57 GMT
Hello mod_perl users,

I am developing a mod_perl module (MyModule) to manage
This module:
     - uses Apache::Session to store session-related information
     - is cookie-based
     - manages session inactivity

This module could be used in the following example.

<Location /protected_url>
PerlAuthenHandler MyModule
AuthType Basic
AuthBasicProvider ...
require valid-user
PerlFixupHandler MyModule->cookie_create_refresh

If request has no cookie, then basic authentication is required.
     If basic authent is correct, then a cookie is created in the fixup
If request has a cookie, then the cookie is refreshed in the fixup handler.

A basic description of the module in pseudo-perl:

package MyModule;
use Apache::Session::xxx;
use Apache::Cookie;

sub handler{
    my $r = shift;

    if (cookie_not_present_in_request()){
         return DECLINED;
    return cookie_verify();  #use of Apache::Session as a DB storage

sub cookie_create_refresh{
   my $class = shift;
    if (cookie_not_present_in_request()){
    else {
    return OK;

The module I am developing has to delete the cookie if it is not refreshed
The question: how can I manage this timeout inactivity ?
The best solution would be to use a mechanism where callbacks (deleting the
cookie rfom the database) would be called automatically on inactivity.
Does such an API is proposed by :
     . the APR API
     . mod_perl API
     . an Apache2::xxx perl module
     . a CPAN module

If not, how can I solve my problem ? (I could verify regularly in the DB
storage, but this is a last resort solution. Even in this case, how could I
implement it ?)



View raw message