[Seaside] A session-aware kind of FileLibrary - how/where to start

jtuchel at objektfabrik.de jtuchel at objektfabrik.de
Sun Apr 11 12:11:59 UTC 2021 

I solved the problem differently, because this was going to be 
complicated...

I just found that WADocumentHandler is quite exactly what I was looking 
for. It even has a few advantages for my use case: it doesn't even need 
to transport any information about the file to the Browser, it just 
renders a  _d parameter and is only valid within the session. A pity 
that I overlooked this at my first attempt to solve the problem. It took 
me a few hours to rewrite things and now I have what I wanted: I can 
serve files which have no guessable URLs and can only be served within a 
session.

It also solves the Apache Load Balancer problem, because the IMG or A 
paramters are URLs within /MyApp, just like any other component. So no 
need to register it in any location that can be handled correctly by 
mod_proxy_balancer and stuff.


Thanks for listening and have a nice rest-of-the-weekend!


Joachim





Am 11.04.21 um 07:45 schrieb jtuchel at objektfabrik.de:
> Esteban,
>
>
> I used your suggestion and it works very nicely. In development ;-)
>
> Here are 2 things I encountered in a deployed image
>
>  1. If the _s parameter is not the first one in the URL, the tracking
>     Strategy will always return a nil key. Not sure why, especially in
>     the light of the fact that this works fine in a dev image
>  2. I have troubles getting things to work behind a load-balancing
>     Apache because of the path. This one is really critical to me, let
>     me explain:
>
> I have configured Apache with mod_proxy_balancer to distribute load in 
> sticky sessions to a few images who all listen to 
> localhost:xxxx/MyApp. Since my Pseudo-FileLibrary needs the session 
> context, it is necessary that all traffic of a session goes to the 
> same image. So far, so well-known and logical.
>
> The trouble is: my Application ist registered at: /MyApp, while the 
> Pseudo-FileLibrary is registered at: /documents
>
> This means that Apache mod_proxy_balancer will redirect all requests 
> that get sent to https://mydomain/documents to https://mydomain/MyApp, 
> which means a link or img tag points to the login page instead of a 
> document served by my Pseudo File Library. The Pseudo File Library 
> never gets to see a request...
>
> I couldn't find a way to register a WARequestHandler subclass as a 
> sub-path of a registered App. Because what I need is to register my 
> Handler at /MyApp/documents.
>
> WAAdmin register: MyHandler at: 'MyApp/documents'
>
> throws an error: MyHandler doesNotUnderstand: key:.
>
>
> So: how can I register a WARequestHandler at a subpath like 
> /MyApp/documents?
> Or, alternatively: how can I redirect incoming requests for 
> /MyApp/documents to /documents within my image? (It seems hard to 
> impossible to configure this on the Apache side...)
>
>
> Any ideas or hints?
>
>
>
> Joachim
>
>
>
>
>
> Am 30.03.21 um 14:54 schrieb Esteban Maringolo:
>> On Tue, Mar 30, 2021 at 6:51 AM Sven Van Caekenberghe<sven at stfx.eu>  wrote:
>>> I would try to look at WAFileHandler, which is responsible for serving the files.
>> I thought about the same approach.
>>
>> 1. Implement some WARestrictedFileHandler subclass of WAFileHandler,
>> where you configure (via a preference or plain instVar) the identifier
>> of the app that has the session registry (e.g. 'myApp')
>> 2. In the handleFiltered: you get a reference to that WAApplication
>> and then you do something like:
>>
>> handleFiltered: aRequestContext
>>    | app key session |
>>    app := WAAdmin defaultDispatcher handlerAt: 'myApp'.
>>    key := app trackingStrategy keyFromContext: aRequestContext.
>>    key isNil
>>      ifTrue: [ "generate the 403 response" ]
>>      ifFalse: [
>>       session := app cache at: key ifAbsent: [ nil ].
>>       session isNil
>>         ifTrue: [ "generate 403" ]
>>         ifFalse: [ ("check whether session is valid" ) ifTrue: [^super
>> handleFiltered: aRequestContext] ifFalse: ["403..."]
>>      ]
>> ]
>>
>> So the approach is to externally access the app session registry and
>> fetch the session from there.
>>
>> What is not clear to me is whether you want to restrict access to
>> regular Seaside FileLibraries or to some other mapping to static files
>> in a filesystem.
>>
>> Regards,
>>
>> Esteban A. Maringolo
>> _______________________________________________
>> seaside mailing list
>> seaside at lists.squeakfoundation.org
>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>
>
> -- 
> -----------------------------------------------------------------------
> Objektfabrik Joachim Tuchelmailto:jtuchel at objektfabrik.de
> Fliederweg 1http://www.objektfabrik.de
> D-71640 Ludwigsburghttp://joachimtuchel.wordpress.com
> Telefon: +49 7141 56 10 86 0         Fax: +49 7141 56 10 86 1
>
>
>
> _______________________________________________
> seaside mailing list
> seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside


-- 
-----------------------------------------------------------------------
Objektfabrik Joachim Tuchel          mailto:jtuchel at objektfabrik.de
Fliederweg 1                         http://www.objektfabrik.de
D-71640 Ludwigsburg                  http://joachimtuchel.wordpress.com
Telefon: +49 7141 56 10 86 0         Fax: +49 7141 56 10 86 1


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squeakfoundation.org/pipermail/seaside/attachments/20210411/a810b6ca/attachment.html>

More information about the seaside mailing list