Session Management: NO Cookies....

Discussion in 'Perl Misc' started by Sucpraran, Sep 23, 2003.

  1. Sucpraran

    Sucpraran Guest

    New to Perl, Apache world.
    Like to get thoughts on maintaining session WITHOUT using Client Side
    Cookies.
    Our environment is Perl, Apache, Oracle DB, Unix OS.

    What are the capabilities of Server side/Database session management
    in this environment? We can't compromise on security and load
    balancing (multiple servers).

    Thanks
     
    Sucpraran, Sep 23, 2003
    #1
    1. Advertising

  2. (Sucpraran) wrote in message news:<>...
    > New to Perl, Apache world.
    > Like to get thoughts on maintaining session WITHOUT using Client Side
    > Cookies.
    > Our environment is Perl, Apache, Oracle DB, Unix OS.
    >
    > What are the capabilities of Server side/Database session management
    > in this environment? We can't compromise on security and load
    > balancing (multiple servers).
    >


    You could use hidden fields, but that's not a 100% secure method. Or
    an Apache module (think mod_auth), but I believe that uses cookies.
    You could restrict access based upon IP addresses, but those can be
    spoofed.

    Any reason why you don't want to use cookies? I mean, if you _only_
    use cookies, that's not very secure. However, they are useful when
    used in conjunction with other methods. It's just another layer of
    authentication that someone has to figure out, but it's still a layer.
    It keeps honest people honest.

    HTH

    Jim
     
    James Willmore, Sep 24, 2003
    #2
    1. Advertising

  3. Sucpraran

    Keith Keller Guest

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    NotDashEscaped: You need GnuPG to verify this message

    On 2003-09-23, Sucpraran <> wrote:
    > Like to get thoughts on maintaining session WITHOUT using Client Side
    > Cookies.


    You might want to be more specific on what you mean by a session--
    there are lots of techniques, but not all applicable to every
    situation.

    Also, comp.infosystems.www.authoring.cgi or the mod_perl list
    might be a better place for your question, since there will be
    many methods that are not perl-specific. (Most, really.)

    --keith

    --
    -francisco.ca.us
    (try just my userid to email me)
    AOLSFAQ=http://wombat.san-francisco.ca.us/cgi-bin/fom

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (GNU/Linux)
    Comment: For info see http://www.gnupg.org

    iEYEARECAAYFAj9xIKgACgkQhVcNCxZ5ID9sJwCdFod5UP4utpzlEXfhCsUCw9/Z
    ij4Anjht445LcPGoY7co14mPOb65VDps
    =52Rp
    -----END PGP SIGNATURE-----
     
    Keith Keller, Sep 24, 2003
    #3
  4. Sucpraran

    Bill Guest

    (Sucpraran) wrote in message news:<>...
    > New to Perl, Apache world.
    > Like to get thoughts on maintaining session WITHOUT using Client Side
    > Cookies.
    > Our environment is Perl, Apache, Oracle DB, Unix OS.
    >
    > What are the capabilities of Server side/Database session management
    > in this environment? We can't compromise on security and load
    > balancing (multiple servers).
    >
    > Thanks


    Have a look at SOAP (this is usable by Perl but is not language dependent):

    http://www.perl.com/pub/a/2001/04/24/soap.html
     
    Bill, Sep 24, 2003
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Floris van Haaster

    Project management / bug management

    Floris van Haaster, Sep 23, 2005, in forum: ASP .Net
    Replies:
    3
    Views:
    1,244
    Jon Paal
    Sep 23, 2005
  2. Andy Fish
    Replies:
    3
    Views:
    6,535
    Fredrik Lindner
    Nov 6, 2003
  3. laamorim
    Replies:
    1
    Views:
    6,709
    sdavids
    Aug 1, 2006
  4. James Appleby
    Replies:
    0
    Views:
    692
    James Appleby
    Apr 2, 2008
  5. _Who
    Replies:
    7
    Views:
    2,676
Loading...

Share This Page