I could be misunderstanding, but i'm not sure it's possible since mod_rewrite only acts on "inbound" urls... So client logins into your site, thus establishing a session on the server. Now, the client asks for foo.html -- how could mod_rewrite know how to match this new client request (which could be from any client) with a session id on the server side? (no cookie, can't rely on remote IP, no info yet in query string)
I don't know if there's anything in perl/mod_perl/cgi-world that does the same transparent query string appending of session id that php can do (i hope so and that someone will mention it), but here's another alternative: You could write a filter for your outbound content that finds relative urls and appends the session id to the query string. I've used this method to encrypt query strings, so query strings don't look like
?year=3&type=search&btn=find but instead like
s=<somebignumber>. To set this up need the following:
need something like this in http.conf:
PerlModule Apache::Filter \
OurStuff::SessionFilter
<Directory "/www_doc_root/">
PerlHandler OurStuff::SessionFilter
SetHandler perl-script
</Directory>
And the OurStuff::SessionFilter looks like:
package OurStuff::SessionFilter;
use Apache::Constants();
sub handler {
my $r = shift;
$r = $r->filter_register();
my($fh, $status) = $r->filter_input();
return $status unless $status == Apache::Constants::OK();
my $session_id = OurStuff::Session->getCurrent()->id;
# now the hard part: process the $fh filehandle and
# find relative urls, and add &session=$session_id to
# the query string.
# keep in mind that urls can be embedded in javascript,
# such as location.href='...' or window.open(...)
return OK;
}
1;
