Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options
 
PerlMonks  

New Session for new Window...

by shushu (Scribe)
on Feb 26, 2003 at 09:05 UTC ( #238711=note: print w/replies, xml ) Need Help??


in reply to Re: Re: Re: Re: Re: New Session for new Window (or: Session ID vs. Process ID...)
in thread New Session for new Window (or: Session ID vs. Process ID...)

I am the team leader of a product called FireBall-1, which is an internal CheckPoint tool for QA.
The report this tool is creating is an ASP built HTML files, with a complicated navigation within the report.
For example - if I use a loop in FireBall, I will see a loop in the report, and iterations of it.
The bottom line - we use the session to follow where the user is in the report.
But the user can open more then one report from the same IE window, and start his navigation. In this point I want him to get a session/cookie per window, in this is my current problem.

shushu

Replies are listed 'Best First'.
Re: New Session for new Window...
by JayBonci (Curate) on Feb 26, 2003 at 09:49 UTC
    Why not track it by GET data from where he is in the application? It might be simpler to pass along that information in the link.

    http://fireball/qa.asp?checkpoint=101&session=205.

    If they jump out of that loop by opening a new window (or head to a spot where they couldn't possibly have gone to from the current report, create another session from there and change around all of the links (session=206, etc).

        --jaybonci
      What is not clear to me is "create another session from there ..." - if I can create another session from any place, I should not have any problem.
      From the example I gave it is clear that only one session exist, so in any case, even with your solution, I will still have one working session.
      Am I wrong ?
      shushu

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://238711]
help
Chatterbox?
[davido]: so last -f /var/run/utmp on ubuntu provides similar (though more verbose) info
[oiskuu]: glibc getlogin just does ttyname() and falls back on getutline(); it's not security related at all. (reminds me of sendmail and remote finger services of the naive early spam era)
[Corion]: But yes, "who started this process" is interesting information :)
[tye]: no, I really believe that "login user" was added as a fundamental bit of info about each process in order to enhance the usefulness of auditing
[Corion]: Ah - if that information is saved in a file, then you could theoretically spam that file and confuse getlogin(). So, don't use it for authentication :)
[tye]: that is what getlogin() certainly *used* to do. I don't believe that is what it certainly should do.
[davido]: /var/run/utmp is 664 i think.
[tye]: Note that my "man getlogin" says that it uses stdin when it should use /dev/tty (calling a glibc bug). But that does not appear to be the case when I test it. But maybe Perl's getlogin() is not using glibc's getlogin().
[oiskuu]: well, run a strace and see what the getlogin does for you.... As I said. SELinux probably has those security labels. But not regular linux.
[tye]: for example, read https://unix. stackexchange.com/ questions/146138/ loginuid-should-be -allowed-to-change -or-not-mutable-or -not

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (9)
As of 2017-06-23 19:44 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    How many monitors do you use while coding?















    Results (554 votes). Check out past polls.