Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid

Regarding User Sessions

by Anonymous Monk
on Apr 12, 2004 at 09:42 UTC ( #344347=perlquestion: print w/replies, xml ) Need Help??

Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hi, I'm using Apache Server. I need to implement (in my Perl scrips) user authentication/session control for Apache. Basically, what I need is: once validated the user login in the Database (Oracle) by a Perl script, I need to control the session, that means: if it didn't expire (in a period of time), if it is the same session since user login, if the user is using the same host where the login was done. If the session is invalid a new user login will be required. Note: Dont't need to store session information in Database, just interact with Apache Server to controll the sessions. Is it possible ? Do anybody have done something like this ? (if it's possible, can send me the scripts or some example ?) Or just have an idea of whow it must be done ? I'm afraid I'm not clear enough !!! Pls help me in this regard. By the way, thank's a lot for reading this and for your help Regards,

Replies are listed 'Best First'.
Re: Regarding User Sessions
by Roger (Parson) on Apr 12, 2004 at 10:44 UTC
    You could have a look at the package Apache::Session, which implements session with persistant storage using database or file.

Re: Regarding User Sessions
by Anneq (Vicar) on Apr 12, 2004 at 11:37 UTC

    CGI::Session works great for me.


      could you please give an example program, so that i can use it as my reference. pls.......... Thank you

        I am using CGI::Application in which my cgiapp_prerun() is as follows:

        sub cgiapp_prerun 
        	my $self = shift;
        	my $q = $self->query();
        	# Open existing session from cookie id, or open new session
        	my $session = new CGI::Session(undef, $q, {Directory=>'/tmp'});
        	# Delete session if user requested logout
        	if ($q->param('rm') eq 'logout') 
                        # Start new session
        		$session = new CGI::Session(undef, undef, {Directory=>'/tmp'});
                        # Set session as logged out
        		$session->param(-name=> 'logged_in', -value => 0);
                        # Change run mode to default run mode
        	my $cookie = $q->cookie(CGISESSID => $session->id);
                # Send cookie in header
        	$self->header_props(-cookie => $cookie);
        	# Make session params available to other subs & modules
        	$self->param(session => $session);

        A separate validation run mode, which is used to validate both registrations and logins, sets the session parameter 'logged_in' to true if registration or logon was successful.

        Pretty simple and it works. I haven't checked out Apache::Session yet so I don't konw which one would be best to use.


        I've just came across this node which recommends using CGIS::Application because it's CGI::Session enabled CGI::Application. Though I haven't looked at it yet so can't give any opinion on which one would be best.



        Anneq, could you please give an example program, so that i can use it as my reference. pls.......... Thank you

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://344347]
Approved by Corion
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (4)
As of 2022-06-27 11:29 GMT
Find Nodes?
    Voting Booth?
    My most frequent journeys are powered by:

    Results (88 votes). Check out past polls.