Apache-SessionManager
view release on metacpan or search on metacpan
SessionManager/cookpod.pod view on Meta::CPAN
=pod
=head1 NAME
Apache::SessionManager::cookpod - Session management Cookpod with
Apache::SessionManager
=head1 INTRODUCTION
This HOWTO describes use of L<Apache::SessionManager|Apache::SessionManager>
with several application servers and toolkits available designed to run (also)
under mod_perl. There are many ways to do it; this document will not describe
all possible configurations.
=head1 WHAT DOES Apache::SessionManager DO
L<Apache::SessionManager|Apache::SessionManager> is a HTTP session manager
wrapper around L<Apache::Session|Apache::Session>
(L<Apache::Session|Apache::Session> provides a persistence mechanism for data
associated with a session between a client and the server).
L<Apache::SessionManager|Apache::SessionManager> allows you to integrate a
transparent session management into your web application (it handles for you
the cookie/URI session tracking management).
A session is a set of interactions (HTTP transactions). For example, a visitor
may add items to be purchased to a shopping cart and the contents of the cart
may be made visible by several different pages the visitor views during the
purchase process.
=head1 Apache::SessionManager WITH CGI::Application
=head2 INTRODUCTION
This section describes how to use
L<Apache::SessionManager|Apache::SessionManager> within
L<CGI::Application|CGI::Application>. The idea is to use sublass
L<CGI::Application|CGI::Application> by adding session support and to use
CGI::Application::SessionManager as base class for your applications.
L<CGI::Application|CGI::Application> is intended to make it easier to create
sophisticated, reusable web-based applications.
L<CGI::Application|CGI::Application> is an Object-Oriented Perl module which
implements an Abstract Class. It is not intended that this package be
instantiated directly. Instead, it is intended that your Application Module
will be implemented as a Sub-Class of L<CGI::Application|CGI::Application>.
=head2 CONFIGURATION
This section illustrates how to use configure
L<Apache::SessionManager|Apache::SessionManager> for use within
L<CGI::Application|CGI::Application> Perl extension.
=head3 CONFIGURATION VIA F<httpd.conf>
In F<httpd.conf> (or any files included by the C<Include> directive):
<IfModule mod_perl.c>
PerlModule Apache::SessionManager
PerlTransHandler Apache::SessionManager
Alias /cgi-application "/usr/local/apache/cgi-application"
<Location /cgi-application>
SetHandler perl-script
PerlHandler Apache::Registry
PerlSendHeader On
PerlSetupEnv On
Options ExecCGI
PerlSetVar SessionManagerTracking On
PerlSetVar SessionManagerExpire 90
PerlSetVar SessionManagerInactivity 900
PerlSetVar SessionManagerName CGIAPPSESSIONID
PerlSetVar SessionManagerStore File
PerlSetVar SessionManagerStoreArgs "Directory => /tmp/apache_session_data/cgiapp"
PerlSetVar SessionManagerDebug 5
</Location>
</IfModule>
=head3 CONFIGURATION VIA F<.htaccess>
SessionManager/cookpod.pod view on Meta::CPAN
students on a departmental Web server at a university
=item *
individual customers of an ISP
=item *
clients of a Web-hosting company.
=back
This chapter will helps you to use
L<Apache::SessionManager|Apache::SessionManager> in one of this situation.
=head2 REQUIREMENTS
There are some prerequisites in order to install and use
L<Apache::SessionManager|Apache::SessionManager> without C<root> privileges:
=over 4
=item * a shell
Obvious
=item * gcc
C<gcc> is necessary in order to compile some required module like
L<Storable|Storable> or L<Digest::MD5|Digest::MD5> that have several XS code
=item * make
Again, obvious
=item * mod_perl with hook C<PERL_HEADER_PARSER=1>
You can use this simple script (supplied in 'Practical mod_perl' book) to see
enabled hooks:
use mod_perl_hooks;
for my $hook(mod_perl::hooks()) {
if (mod_perl::hooks($hook)) {
print "$hook is enabled\n";
}
else {
print "$hook is not enabled\n";
}
}
=item * a configurable F<.htaccess> file
I know, you could install and run another C<httpd> instance on a port greather
than 1024 and configure directly your F<httpd.conf>. Then you could ask to your
Webmaster in order to proxy your Apache from main web server (at port 80), if
you dont want export to the world a web site in a port different than 80.
So, working with F<.htaccess> files is the only possibilty to enable and
configure session manager transparently (both for web users and your
sysadmin).
Depending on wich Apache directives you would override, first you must check
the status of C<AllowOverride> directive for your directories.
If none of C<AllowOverride> directive appears in main F<httpd.conf> then you
can use all allowed directives in F<.htaccess> file (by default
C<AllowOverride> is set to C<All>, that means that any directive which has the
F<.htaccess> C<Context> is allowed in F<.htaccess> files).
Otherwise, be sure that at least the directive like:
AllowOverride FileInfo
is present in order to use C<SetHandler> in F<.htaccess> file.
You can found more info about allowed directives at
http://httpd.apache.org/docs/mod/core.html#allowoverride
For example, if you want to run CGI scripts also outside F<cgi-bin> script
directory, then a directive like:
AllowOverride FileInfo Options
should be appear in order to override directory behaviour by adding a:
Options +ExecCGI
in your F<.htaccess> file.
=item * lwp || ftp || ...
A way to transfer the perl packages in the system :-)
=back
=head2 CREATING YOU PRIVATE PERL LIBRARY DIRECTORY
First of all, you must choose and create the directory that will contain the
private installation copy of Perl modules. It should be readable by web server.
%> mkdir /path/to/your/perl-lib
=head2 INSTALLING Storable
As L<Apache::Session|Apache::Session> documentation says, "no particular
modules are required, but most of L<Apache::Session's|Apache::Session>
functions require L<Digest::MD5|Digest::MD5> and L<Storable|Storable>".
Here, we explain how to install L<Storable|Storable> if it isn't already
present in the machine. Note that starting from Perl 5.8.0,
L<Storable|Storable> is a core module.
%> lwp-download http://search.cpan.org/CPAN/authors/id/A/AM/AMS/Storable-2.07.tar.gz
%> tar -xzvf Storable-2.07.tar.gz
%> cd Storable-2.07
%> perl Makefile.PL PREFIX=/path/to/your/perl-lib
%> make
%> make test
%> make install
SessionManager/cookpod.pod view on Meta::CPAN
use lib '/path/to/your/perl-lib/lib/site_perl',
'/path/to/your/perl-lib/lib/'; # for Storable.pm
</Perl>
PerlModule Apache::SessionManager
<FilesMatch "\.cgi$">
SetHandler perl-script
PerlHandler Apache::Registry
PerlSendHeader On
PerlSetupEnv On
Options ExecCGI
PerlHeaderParserHandler Apache::SessionManager
PerlSetVar SessionManagerTracking On
PerlSetVar SessionManagerExpire 300
PerlSetVar SessionManagerInactivity 1800
PerlSetVar SessionManagerName SESSIONID
PerlSetVar SessionManagerStore File
PerlSetVar SessionManagerStoreArgs "Directory => /path/to/session/data"
PerlSetVar SessionManagerDebug 5
</FilesMatch>
</IfModule>
To test session you can use this simple CGI script:
#!/usr/bin/perl
use Data::Dumper ();
my $session = Apache::SessionManager::get_session(Apache->request);
$session->{$$ . '-' . rand()} = rand;
print "Content-type: text/html\n\n";
print '<PRE>' . Data::Dumper::Dumper($session) . '</PRE>';
Save it with a F<.cgi> extension (like F<session.cgi>) in the same directory
where you have F<.htaccess> and make it executable by web server.
=head1 USING Apache::SessionManager AND Apache::DBI
=head2 INTRODUCTION
This section describes how to use
L<Apache::SessionManager|Apache::SessionManager> with
L<Apache::DBI|Apache::DBI> when using a RDBMS for sessions back-end datastore.
L<Apache::DBI|Apache::DBI> is a useful mod_perl module that caches database
connections according to args (like DBD driver, user, password) and attributes.
So, if your application uses a different user and/or attributes to connect to a
(different) database, every connection will be cached. Also, every child could
have these cached DB's handles. L<Apache::DBI|Apache::DBI> works very well for
web applications that uses same DB user.
=head2 CONFIGURATION
There is no need of extra configuration steps to use advantage of persistent DB
connections offered by L<Apache::DBI|Apache::DBI> when using
L<Apache::SessionManager|Apache::SessionManager> with a RDBMS as session
datastore.
L<Apache::DBI|Apache::DBI> overrides DBI C<connect> and C<disconnect> methods
and it intercepts, transparently, all related calls (including
L<Apache::SessionManager|Apache::SessionManager> DBI calls) by returning cached
connections, if any.
Simply add a line like:
PerlModule Apache::DBI
in your F<httpd.conf>, or:
use Apache::DBI;
in a F<startup.pl> file where you can also setup your initial persistent
connection.
However, remember that you must load L<Apache::DBI|Apache::DBI> module before
L<DBI|DBI> or any module that uses it!
=head2 TESTING
Restart the server and... test your application :-)
Additionally, you can enable perl-status console by putting, before loading
L<Apache::DBI|Apache::DBI>, lines like:
<Location /perl-status>
SetHandler perl-script
PerlHandler Apache::Status
# or PerlResponseHandler Apache::Status in mod_perl 2
</Location>
You will see in the 'DBI connections' page, the cached datasource (in current
child) used by Apache::Session::* plugin datastore you've chosen. Also yo can
start C<httpd> in single mode with C<-X> option to work with a single child.
=head2 SEE ALSO
L<Apache::DBI|Apache::DBI>
=head1 MOVING SESSION EXPIRATION POLICIES TO THE CLIENT SIDE
=head2 INTRODUCTION
This section describes how to move expiration policies on the client side by
setting expiration cookie properties appropriately.
=head2 CONFIGURATION
Practically, you must only add C<Expires> cookie attribute in
C<SessionManagerCookieArgs> module directive:
<Location /sessions>
SetHandler perl-script
PerlHandler Apache::MyModule
PerlSetVar SessionManagerExpire none
PerlSetVar SessionManagerStore File
PerlSetVar SessionManagerCookieArgs "Path => /sessions, Expires => +2d"
PerlSetVar SessionManagerStoreArgs "Directory => /tmp"
</Location>
( run in 1.823 second using v1.01-cache-2.11-cpan-9581c071862 )