[Seaside] A session-aware kind of FileLibrary - how/where to start
jtuchel at objektfabrik.de
jtuchel at objektfabrik.de
Sun Apr 11 05:45:44 UTC 2021
Esteban,
I used your suggestion and it works very nicely. In development ;-)
Here are 2 things I encountered in a deployed image
1. If the _s parameter is not the first one in the URL, the tracking
Strategy will always return a nil key. Not sure why, especially in
the light of the fact that this works fine in a dev image
2. I have troubles getting things to work behind a load-balancing
Apache because of the path. This one is really critical to me, let
me explain:
I have configured Apache with mod_proxy_balancer to distribute load in
sticky sessions to a few images who all listen to localhost:xxxx/MyApp.
Since my Pseudo-FileLibrary needs the session context, it is necessary
that all traffic of a session goes to the same image. So far, so
well-known and logical.
The trouble is: my Application ist registered at: /MyApp, while the
Pseudo-FileLibrary is registered at: /documents
This means that Apache mod_proxy_balancer will redirect all requests
that get sent to https://mydomain/documents to https://mydomain/MyApp,
which means a link or img tag points to the login page instead of a
document served by my Pseudo File Library. The Pseudo File Library never
gets to see a request...
I couldn't find a way to register a WARequestHandler subclass as a
sub-path of a registered App. Because what I need is to register my
Handler at /MyApp/documents.
WAAdmin register: MyHandler at: 'MyApp/documents'
throws an error: MyHandler doesNotUnderstand: key:.
So: how can I register a WARequestHandler at a subpath like
/MyApp/documents?
Or, alternatively: how can I redirect incoming requests for
/MyApp/documents to /documents within my image? (It seems hard to
impossible to configure this on the Apache side...)
Any ideas or hints?
Joachim
Am 30.03.21 um 14:54 schrieb Esteban Maringolo:
> On Tue, Mar 30, 2021 at 6:51 AM Sven Van Caekenberghe <sven at stfx.eu> wrote:
>> I would try to look at WAFileHandler, which is responsible for serving the files.
> I thought about the same approach.
>
> 1. Implement some WARestrictedFileHandler subclass of WAFileHandler,
> where you configure (via a preference or plain instVar) the identifier
> of the app that has the session registry (e.g. 'myApp')
> 2. In the handleFiltered: you get a reference to that WAApplication
> and then you do something like:
>
> handleFiltered: aRequestContext
> | app key session |
> app := WAAdmin defaultDispatcher handlerAt: 'myApp'.
> key := app trackingStrategy keyFromContext: aRequestContext.
> key isNil
> ifTrue: [ "generate the 403 response" ]
> ifFalse: [
> session := app cache at: key ifAbsent: [ nil ].
> session isNil
> ifTrue: [ "generate 403" ]
> ifFalse: [ ("check whether session is valid" ) ifTrue: [^super
> handleFiltered: aRequestContext] ifFalse: ["403..."]
> ]
> ]
>
> So the approach is to externally access the app session registry and
> fetch the session from there.
>
> What is not clear to me is whether you want to restrict access to
> regular Seaside FileLibraries or to some other mapping to static files
> in a filesystem.
>
> Regards,
>
> Esteban A. Maringolo
> _______________________________________________
> seaside mailing list
> seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
--
-----------------------------------------------------------------------
Objektfabrik Joachim Tuchel mailto:jtuchel at objektfabrik.de
Fliederweg 1 http://www.objektfabrik.de
D-71640 Ludwigsburg http://joachimtuchel.wordpress.com
Telefon: +49 7141 56 10 86 0 Fax: +49 7141 56 10 86 1
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squeakfoundation.org/pipermail/seaside/attachments/20210411/2ceb02d4/attachment.html>
More information about the seaside
mailing list