perl-asp mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Chamas <>
Subject Re: [OT] session management
Date Thu, 06 Jun 2002 14:28:59 GMT
Sven Köhler wrote:
> hi!
> this is somewhat offtopic, but as Apache::ASP has a built-in
> Session-Management this could be a good mailing-list to discuss some
> things ...
> i have to implement a session-management withut using Apache::ASP. a
> company want's my script to pass a security-verification.

What about Apache::ASP's sessions does not work for you?  Note
that you will probably want to run your code in global.asa Script_OnStart

> 1. which sheme does Apache::ASP use to generate sessionid's and how are
> they sored within the cookie/url?

MD5 checksum some random data, and make sure that sessionid is not
previously used.

> 2. i'm thinking of using a randomly generating let's say 20chars long
> session id stored in the cookie given back to the browser. the
> session-content is stored in files. of course there's a timeout stored
> within the session.

Sounds like ASP sessions alright ( as opposed to Apache::Session ).
Make sure you really need to redo this.

-- Josh
Joshua Chamas                           Chamas Enterprises Inc.
NodeWorks Founder                       Huntington Beach, CA  USA                1-714-625-4051

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message