Hello,
> What I need:
>
> - several cookies per user eg. to integrate TicketAccess with Embperl,
> using different cookie names and other parameters like path info
> or expire.
If you really need different cookies, you can implement them on your on with
the Set-Cookie http header. This seems only to make sense if you need
different cookie paths or different expire times. Don't know if it's very
user friendly, at least for user which get ask for every cookie the server
send, like me...
> Eg. getting a cookie in advance on "/tools/login.epl"
> and then logging in doesn't make much sense when the cookie path
> info is "/tools/login.epl" and thus should not be sent to eg.
> "/vault/other/data/show.epl" or so.
>
There is a config directive EMBPERL_COOKIE_PATH you can use to set the
correct cookie path.
> - a way to say "logout". Currently, if I grab the cookie and then send
> a new one with expire (1970) to the browser, %udat remains populated,
> and the session data remains on disk. Unfortunately at the next
> page load of anything I still have that same data in %udat.
>
%udat = () ;
will surely delete all data from %udat.
> Saying "undef $udat{_session_id}" prevents me to log in a second time,
> however, and is thus undesirable. Killing the browser to log out and
> having no way to restart the old session is also not "the right thing
> to do". My current "logout.epl" page looks like this (fully
> experimental misquality). You can easily see at the end of the
> page that I tried to call the DELETE method to remove the item
> from the session store (mysql in my case), but dropped that.
>
> [-
>
> use CGI::Cookie;
>
> use lib "../config";
> use MyConfig;
>
>
> # inspired by keystone:
> sub killcookie {
> my $cookie = shift;
>
> $cookie->value ('deleted');
> $cookie->expires ('-1');
> $cookie->path ('/');
> }
>
>
> # as of perldoc CGI::Cookie
>
> %cookies = fetch CGI::Cookie;
>
> $MyCookie = $cookies{$MyConfig::CookieName};
>
> open LogFile, ">/tmp/my.log";
>
> print LogFile "Cookie: $MyCookie\n";
> print LogFile "other cookie actions:\n";
> foreach (keys %cookies) {
> next if $_ !~ /^\s*$/;
>
> print LogFile "killing ", $cookies{$_}, "\n";
> killcookie ($cookies{$_});
> $req_rec->header_out("Set-Cookie" => $cookie);
where is $cookie defined?
> }
> close LogFile;
>
> #undef $udat{_session_id};
>
> $udat{cookies} = \%cookies;
>
Why do you save \%cookie in %udat if you want to delete them. Wouldn't using
%udat = () ;
be better?
> #$udat{realname} = "Not logged in";
> $req_rec->header_out("Location" => "$ENV{HTTP_REFERER}");
> $req_rec->status (302);
>
> #tied (%udat)->delete;
>
Try to change the line 273 in Embperl/Session.pm from
if (!$self -> {'status'})
to
if (($self -> {'status'} & 7) == 0)
does the
tied (%udat)->delete;
work now?
Gerald
There is a new Embperl mailing list (embperl@perl.apache.org)
-------------------------------------------------------------
Gerald Richter ecos electronic communication services gmbh
Internetconnect * Webserver/-design/-datenbanken * Consulting
Post: Tulpenstrasse 5 D-55276 Dienheim b. Mainz
E-Mail: richter@ecos.de Voice: +49 6133 925151
WWW: http://www.ecos.de Fax: +49 6133 925152
-------------------------------------------------------------
> What I need:
>
> - several cookies per user eg. to integrate TicketAccess with Embperl,
> using different cookie names and other parameters like path info
> or expire.
If you really need different cookies, you can implement them on your on with
the Set-Cookie http header. This seems only to make sense if you need
different cookie paths or different expire times. Don't know if it's very
user friendly, at least for user which get ask for every cookie the server
send, like me...
> Eg. getting a cookie in advance on "/tools/login.epl"
> and then logging in doesn't make much sense when the cookie path
> info is "/tools/login.epl" and thus should not be sent to eg.
> "/vault/other/data/show.epl" or so.
>
There is a config directive EMBPERL_COOKIE_PATH you can use to set the
correct cookie path.
> - a way to say "logout". Currently, if I grab the cookie and then send
> a new one with expire (1970) to the browser, %udat remains populated,
> and the session data remains on disk. Unfortunately at the next
> page load of anything I still have that same data in %udat.
>
%udat = () ;
will surely delete all data from %udat.
> Saying "undef $udat{_session_id}" prevents me to log in a second time,
> however, and is thus undesirable. Killing the browser to log out and
> having no way to restart the old session is also not "the right thing
> to do". My current "logout.epl" page looks like this (fully
> experimental misquality). You can easily see at the end of the
> page that I tried to call the DELETE method to remove the item
> from the session store (mysql in my case), but dropped that.
>
> [-
>
> use CGI::Cookie;
>
> use lib "../config";
> use MyConfig;
>
>
> # inspired by keystone:
> sub killcookie {
> my $cookie = shift;
>
> $cookie->value ('deleted');
> $cookie->expires ('-1');
> $cookie->path ('/');
> }
>
>
> # as of perldoc CGI::Cookie
>
> %cookies = fetch CGI::Cookie;
>
> $MyCookie = $cookies{$MyConfig::CookieName};
>
> open LogFile, ">/tmp/my.log";
>
> print LogFile "Cookie: $MyCookie\n";
> print LogFile "other cookie actions:\n";
> foreach (keys %cookies) {
> next if $_ !~ /^\s*$/;
>
> print LogFile "killing ", $cookies{$_}, "\n";
> killcookie ($cookies{$_});
> $req_rec->header_out("Set-Cookie" => $cookie);
where is $cookie defined?
> }
> close LogFile;
>
> #undef $udat{_session_id};
>
> $udat{cookies} = \%cookies;
>
Why do you save \%cookie in %udat if you want to delete them. Wouldn't using
%udat = () ;
be better?
> #$udat{realname} = "Not logged in";
> $req_rec->header_out("Location" => "$ENV{HTTP_REFERER}");
> $req_rec->status (302);
>
> #tied (%udat)->delete;
>
Try to change the line 273 in Embperl/Session.pm from
if (!$self -> {'status'})
to
if (($self -> {'status'} & 7) == 0)
does the
tied (%udat)->delete;
work now?
Gerald
There is a new Embperl mailing list (embperl@perl.apache.org)
-------------------------------------------------------------
Gerald Richter ecos electronic communication services gmbh
Internetconnect * Webserver/-design/-datenbanken * Consulting
Post: Tulpenstrasse 5 D-55276 Dienheim b. Mainz
E-Mail: richter@ecos.de Voice: +49 6133 925151
WWW: http://www.ecos.de Fax: +49 6133 925152
-------------------------------------------------------------