perl-asp mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Josh Chamas <j...@chamas.com>
Subject Re: Delete Session from Another User or Program
Date Wed, 05 Nov 2003 06:34:15 GMT
Stuart Johnston wrote:
> In our application, we track failed login attempts through the Session. 
>  If a user fails to login three times, they are locked out of the sytem 
> until their Session expires.
> 
> We ocassionally have users call and ask us to reset their session when 
> they have been locked out.  I would like to have a way for an 
> Administrative user to delete someone else's session.  This could be 
> from within the Apache::ASP application or from a seperate script.
> 
> Has anyone implemented something like this?  Any suggestions?
> 

When you go to expire the session, places its ID in $Application, say
in $Application->{FailedSessions} or some such.  Then you can restore
the original session via the same $Application object with this API:

   http://www.apache-asp.org/objects.html#%24Applicationaeaabc29

It is used like:

   my $restore_session = $Application->GetSession($session_id);

Use of $Session and $Application should only be for data that you really
need to persist in this way so be careful of how much you actually choose
to store in them.

For deleting a session, there is no API for this, however, you can do
something just as good by restoring the session, and then destroying its
contents like ..

   my $restore_session = $Application->GetSession($session_id);
   %$restore_session = ();

You could also try to expire it, but I have not tried that before, but
it could certainly work at this point.  $restore_session->Abandon might
work just as well at this point.

Regards,

Josh

________________________________________________________________
Josh Chamas, Founder                   phone:925-552-0128
Chamas Enterprises Inc.                http://www.chamas.com
NodeWorks Link Checker                 http://www.nodeworks.com


---------------------------------------------------------------------
To unsubscribe, e-mail: asp-unsubscribe@perl.apache.org
For additional commands, e-mail: asp-help@perl.apache.org


Mime
View raw message