Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

Keeping track of a session id (mod_rewrite?)

by jeyroz (Monk)
on Jun 18, 2005 at 14:44 UTC ( [id://467987]=perlquestion: print w/replies, xml ) Need Help??

jeyroz has asked for the wisdom of the Perl Monks concerning the following question:

I'm using Apache::Session to handle session data and am looking into alternatives to writing a session id cookie. I know that the common alternative is to write the id into the url and pass it between requests but I have heard this can be a tedious task ... which brings me to my question.

I have just begun to read up on Apache's mod_rewrite (used to manipulate url strings) and was wondering if anyone has had success using mod_rewrite to pass a session id through a url.

I appologize if this question is baseless as I am just now learning about the possibilities of the Apache mod.

author => jeyroz

  • Comment on Keeping track of a session id (mod_rewrite?)

Replies are listed 'Best First'.
Re: Keeping track of a session id (mod_rewrite?)
by perrin (Chancellor) on Jun 18, 2005 at 17:26 UTC
Re: Keeping track of a session id (mod_rewrite?)
by jasonk (Parson) on Jun 18, 2005 at 14:53 UTC

    There is an example in the URL Rewriting Guide of setting environment variables based on part of the URL. The example they give is:

    RewriteEngine on RewriteRule ^(.*)/S=([^/]+)/(.*) $1/$3 [E=STATUS:$2]

    This lets a URL like /foo/S=java/bar/ get translated to the path /foo/bar, while setting the environment variable $STATUS to 'java'.


    We're not surrounded, we're in a target-rich environment!
Re: Keeping track of a session id (mod_rewrite?)
by davidrw (Prior) on Jun 18, 2005 at 15:20 UTC
    I could be misunderstanding, but i'm not sure it's possible since mod_rewrite only acts on "inbound" urls... So client logins into your site, thus establishing a session on the server. Now, the client asks for foo.html -- how could mod_rewrite know how to match this new client request (which could be from any client) with a session id on the server side? (no cookie, can't rely on remote IP, no info yet in query string)

    I don't know if there's anything in perl/mod_perl/cgi-world that does the same transparent query string appending of session id that php can do (i hope so and that someone will mention it), but here's another alternative: You could write a filter for your outbound content that finds relative urls and appends the session id to the query string. I've used this method to encrypt query strings, so query strings don't look like ?year=3&type=search&btn=find but instead like s=<somebignumber>. To set this up need the following:

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://467987]
Approved by davidrw
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others chilling in the Monastery: (5)
As of 2024-09-18 21:05 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    The PerlMonks site front end has:





    Results (25 votes). Check out past polls.

    Notices?
    erzuuli‥ 🛈The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.