|
|
| Author |
Message |
|
| Guest |
 Posted: Fri Apr 04, 2008 1:33 pm |
 |
|
|
Guest
|
Hi list,
I implemented a session cookie store, just like the one in Ruby on
Rails 2.0.
http://www.railsmanual.org/class/CGI::Session::CookieStore
Available with the same caveats :
Session data is encoded in base64 and sent in the cookie with a SHA
MAC of this data.
This means that the user can see what's inside, but will not be able
to tamper with it.
Moreover session data should stay in small amount as the encoded and
signed data may not exceed 4096 bytes.
This being said, that should give us Yaws clustering for free 
And no more sessions to expire, just set the cookie expiration date.
One small thing, make sure crypto is started.
I have also attached session1.yaws rewritten to make use of this code.
Any feedback welcome !
Eric Cestari
Post recived from mailinglist |
|
|
| Back to top |
|
|
|
All times are GMT
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum
|
|
|
Digg It
Del.icio.us
Reddit
Facebook
Stumble Upon
Technorati
