perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Prime <adam.pr...@utoronto.ca>
Subject Re: questions on Apache2::Connection
Date Sat, 11 Oct 2008 17:02:25 GMT
André Warnier wrote:
> Hi gurus.
> 
> Do I understand this correctly that if in a Perl Handler i get
> my $c = $r->connection();
> then $c is the object that represents the persistent TCP/IP connection 
> between the browser and the server, in case there is "keep-alive" going 
> on ?
 >
> Now lets say that I create an authentication method based on the Request 
> (as they tend to be usually).
> On the first request, the authentication happens, and I set a 
> $c->notes('credentials') value. I also set a browser cookie.
> 
> On subsequent requests, I could check this $c->notes('credentials') 
> first, in case a previous request over the same connection already 
> resulted in authentication, could I not ?

I just read the docs, and though it doesn't explicitly say that that 
that would, or wouldn't work, but the existance of $c->keepalives() 
makes me think that it would work.  It'd be pretty easy to confirm 
though, so i'd suggest you do that.

> In the worst case, the connection is new and I would not have these 
> notes (meaning I then need to get the cookie, and in its absence redo an 
> authentication); but in the vast majority of cases (depending on 
> keep-alive), I could save myself some overhead by considering the 
> connection as authenticated instead of the request, no ?
> 
> Or are there some pitfalls here of which I am ignorant ?
> Or is the potential gain not worth the cost of getting the $r->connection ?

If you've got a heavily trafficked site, and confirming that your auth 
cookies are valid is expensive, then doing something like this could 
make sense.  How much of an effect it's going to have is something that 
would be very dependent on the clients your site has more than anything 
though.  You'd might want to do some investigation into how much of your 
traffic actually comes from from requests through a connection that was 
kept-alive by keep-alive.

It is an interesting idea though.

Adam

Mime
View raw message