[Mono-list] mod_mono sharing application session data
Matthew Metnetsky
met@uberstats.com
Thu, 29 Jul 2004 12:51:06 -0400
Hello,
On Thu, 2004-07-29 at 11:59, Tom Larsen wrote:
> Aren't HttpSessions "keyed" to the Session IDs they set? In any event,
> web applications traditionally operate in a disconnected state because
> this is how web servers operate. One HTTP request has nothing to do with
> another. You need to consider very carefully the idea of trying to make a
> web app that goes against this. If you really need a very tightly tied
> together system then the web isn't a good platform.
>
> Or are you asking more of a single sign on question? What is in the
> HttpSession that you need to share?
>
> Tom Larsen
>
> On Thu, 29 Jul 2004, Matthew Metnetsky wrote:
>
> > I've searched google and found almost no information on this, so I
> > figured I'd ask here.
> >
> > Has anyone had any luck of sharing HttpSession data between applications
> > (basically directories) ? The site I'm beginning to build requires 1
> > login for multiple modules and I'd really rather not have a flat file
> > structure for such a huge application.
> >
> > Any ideas?
> >
> > ~ Matthew
> >
As it seems, every directory is assigned a cookie-session id used to tie
Session to an application/directory. The problem is that if I travel
from one directory to another and check session its missing, because
HttpSession seems to be directory/application specific.
This is very annoying. Suppose you have an application (as I will soon)
where you have a Core module that supplies users, roles, etc and a
login. From there you would travel to other modules which would of
course need to know that your logged in (a cookie works -
FormsAuthentication class). But suppose I set your Member object into
Session within the Core module, the Foo module could not access it. So
in fact I would have to check your cookie and retrieve again the Member
object associated to that cookie from the database. Thus, an unecessary
call to the database, and two instances of the same object sitting in
session. Its a data integrity nightmare!
Any ideas, suggestions solutions?
~ Matthew
P.S. Sadly, this must be a web application.