You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by Tracy12 <j_...@yahoo.com> on 2008/04/17 07:04:14 UTC

Session handling

Hi,
for session handling we use CGI:Session cpan distribution,

we do use local file for cookie storage, eventhough the session time out is
30, sometimes the set information in the 
session get lost before that, has anybody experience this before.

We do have a cron job to clear the session data, Is there any solution for
this behavior?
What exactly the possible reason for such a thing.

After the authentication I do set the logged in userin in the session and
use the sessionId for subsequent requests

Thanks



-- 
View this message in context: http://www.nabble.com/Session-handling-tp16738934p16738934.html
Sent from the mod_perl - General mailing list archive at Nabble.com.

Re: Session handling

Posted by Malcolm J Harwood <mj...@liminalflux.net>.

On Sunday 27 April 2008, Tracy12 wrote:
> I do not flush, but I can see the cookies generated in the session folder

You could try adding the flush to see if it helps.

> This happens in only one navigation path only

Then it sounds like there's something particular to that path, rather than it 
being an issue with mod_perl or CGI::Session.

-- 
"Oh bother," said Seven of Nine, "I appear to have assimilated
Pooh."

Re: Session handling

Posted by Tracy12 <j_...@yahoo.com>.

I do not flush, but I can see the cookies generated in the session folder

This happens in only one navigation path only


Malcolm J Harwood-3 wrote:
> 
> On Thursday 17 April 2008, Tracy12 wrote:
> 
>> We do run a cron job to clean up the cache,  Anyhow even it contains old
>> data, they are basically expired, I can't
>> understand how that gonna cause this issue, To my understanding we clean
>> up
>> the cache primarily because it is just filling up the hard disk,
> 
> Is it possible your cleanup script is deleting things too soon?
> 
>> Other thing is I did not mention any cache file sie as such pls see the
>> following code,  
> 
> It looks like you're using the one-file-per-session configuration, so
> there's 
> no cache file size limit.
> 
>> Here the issue is eventhough the session timeout is 30m,
>>  $session->param($SESSION_USER_PARAM, $user); return empty string before
>> the 30m
> 
> Are you flushing the session after you've put data in it?
> 
> see:
> http://search.cpan.org/%7Emarkstos/CGI-Session-4.30/lib/CGI/Session.pm#flush()
> 
> It could be that the data is never on disk.
> 
> 

-- 
View this message in context: http://www.nabble.com/Session-handling-tp16738934p16929917.html
Sent from the mod_perl - General mailing list archive at Nabble.com.

Re: Session handling

Posted by Malcolm J Harwood <mj...@liminalflux.net>.

On Thursday 17 April 2008, Tracy12 wrote:

> We do run a cron job to clean up the cache,  Anyhow even it contains old
> data, they are basically expired, I can't
> understand how that gonna cause this issue, To my understanding we clean up
> the cache primarily because it is just filling up the hard disk,

Is it possible your cleanup script is deleting things too soon?

> Other thing is I did not mention any cache file sie as such pls see the
> following code,  

It looks like you're using the one-file-per-session configuration, so there's 
no cache file size limit.

> Here the issue is eventhough the session timeout is 30m,
>  $session->param($SESSION_USER_PARAM, $user); return empty string before
> the 30m

Are you flushing the session after you've put data in it?

see:
http://search.cpan.org/%7Emarkstos/CGI-Session-4.30/lib/CGI/Session.pm#flush()

It could be that the data is never on disk.

Re: Session handling

Posted by Tracy12 <j_...@yahoo.com>.

We do run a cron job to clean up the cache,  Anyhow even it contains old
data, they are basically expired, I can't
understand how that gonna cause this issue, To my understanding we clean up
the cache primarily because it is just filling up the hard disk,

Other thing is I did not mention any cache file sie as such pls see the
following code,  In my Authentication handler overall what it does is once
authenticated it does put the validated user in the session and try to use
that value thereafter for subsequent requests.

Following I extracted from my Auth hanlder to hightlight the places I do use
the CGI:Session commands, Other mod_perl statements are left out

# TMP_SESSION_FOLDER is the local folder to hold cookies defined else where
my $session = new CGI::Session() or die CGI::Session->errstr;

#as the new command looks after the expired cookies and also the existence,
no any if conditions done but following #executes in each request

$session = new CGI::Session(undef, undef, {Directory=>
$TMP_SESSION_FOLDER});
# expire the session and also the remote_user_for_library parameter
#SESSION_TIME_OUT is the timeout value(30m) and SESSION_USER_PARAM is the
parameter name for authenticated user

$session->expire($SESSION_TIME_OUT);
$session->expire($SESSION_USER_PARAM, $SESSION_TIME_OUT);

 # retrieve remote_user from the session
        $retrieved_user = $session->param($SESSION_USER_PARAM);

#if retrieved_user is not empty this is users subsequent request

If it is the first time access it validates the user and put it to the
session as follows.
$user carries the value of the authenticated user

 $session->param($SESSION_USER_PARAM, $user);

Here the issue is eventhough the session timeout is 30m, 
 $session->param($SESSION_USER_PARAM, $user); return empty string before the
30m


Hope this information is enough for some one to make a comment



Malcolm J Harwood-3 wrote:
> 
> On Thursday 17 April 2008 01:04:14 Tracy12 wrote:
> 
>> for session handling we use CGI:Session cpan distribution,
>>
>> we do use local file for cookie storage, eventhough the session time out
>> is
>> 30, sometimes the set information in the
>> session get lost before that, has anybody experience this before.
> 
> That sounds like you are using a cache file and your cache is filling up. 
> 
>> We do have a cron job to clear the session data, Is there any solution
>> for
>> this behavior? What exactly the possible reason for such a thing.
> 
> The nature of a cache is that it will drop older data to make room for
> newer. 
> So your solutions are to make a larger cache file (you may have to
> experiment 
> to work out what size you need), or to switch to some other session
> storage 
> mechanism that has different properties.
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Session-handling-tp16738934p16758221.html
Sent from the mod_perl - General mailing list archive at Nabble.com.

Re: Session handling

Posted by Malcolm <mj...@liminalflux.net>.

On Thursday 17 April 2008 01:04:14 Tracy12 wrote:

> for session handling we use CGI:Session cpan distribution,
>
> we do use local file for cookie storage, eventhough the session time out is
> 30, sometimes the set information in the
> session get lost before that, has anybody experience this before.

That sounds like you are using a cache file and your cache is filling up. 

> We do have a cron job to clear the session data, Is there any solution for
> this behavior? What exactly the possible reason for such a thing.

The nature of a cache is that it will drop older data to make room for newer. 
So your solutions are to make a larger cache file (you may have to experiment 
to work out what size you need), or to switch to some other session storage 
mechanism that has different properties.