Hi Colin,
After chatting with you the other night about sessions, I had some
more thoughts on the subject. As I mentioned in our chat, a simple
table with (session key, keyword, value) record should be good enough
for storing values. What I didn't mention was the session table. The
session table contains one entry per session. The records would look
similar to this (ip address, session key, serial number, timeout
value, last transaction). An ip address is associated with the session
key to help prevent someone from taking over a session. The serial
number value is a random number that is set in a client cookie during
each transaction. The server checks and modifies this value during
each transaction. The timeout value is a delta time value that defines
how long a session can be idle. A background process sweeps the
session table periodically and removes sessions that have exceeded
their timeout value. The last transaction value is a timestamp for the
last transaction. Note that the session management stuff should all
happen out side the access scope of the application. Also note that
the session manager is a good place to implement throttling, perhaps
during serial number generation.
Tom K.
On Sun, Sep 8, 2013 at 8:01 PM, <
wub-dis...@googlegroups.com> wrote:
> Today's Topic Summary
>
> Group:
http://groups.google.com/group/wub-discussion/topics
>
> Significant Changes [1 Update]
>
> Significant Changes
>
> Colin McCormack <
co...@chinix.com> Sep 08 04:14PM +1000
>
> Hi All,
>
> I've modified Site and Config to more properly use and handle
> configuration section metadata. I doubt anyone's using this, so doubt
> that it matters.
>
> I'm working on a new Session implementation, this one should work very
> well ... it's a work in progress, so don't expect too much just yet.
>
> This email is intended as a heads-up in case there's any disruption or
> damage pursuant to my mucking about ... if there is, please let me know
> ASAP, and I'll repair it.
>
> Colin
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Wub Discussion" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
wub-discussio...@googlegroups.com.
> For more options, visit
https://groups.google.com/groups/opt_out.