[Seaside] A session-aware kind of FileLibrary - how/where to start
jtuchel at objektfabrik.de
jtuchel at objektfabrik.de
Sun Apr 11 12:11:59 UTC 2021
I solved the problem differently, because this was going to be
complicated...
I just found that WADocumentHandler is quite exactly what I was looking
for. It even has a few advantages for my use case: it doesn't even need
to transport any information about the file to the Browser, it just
renders a _d parameter and is only valid within the session. A pity
that I overlooked this at my first attempt to solve the problem. It took
me a few hours to rewrite things and now I have what I wanted: I can
serve files which have no guessable URLs and can only be served within a
session.
It also solves the Apache Load Balancer problem, because the IMG or A
paramters are URLs within /MyApp, just like any other component. So no
need to register it in any location that can be handled correctly by
mod_proxy_balancer and stuff.
Thanks for listening and have a nice rest-of-the-weekend!
Joachim
Am 11.04.21 um 07:45 schrieb jtuchel at objektfabrik.de:
> Esteban,
>
>
> I used your suggestion and it works very nicely. In development ;-)
>
> Here are 2 things I encountered in a deployed image
>
> 1. If the _s parameter is not the first one in the URL, the tracking
> Strategy will always return a nil key. Not sure why, especially in
> the light of the fact that this works fine in a dev image
> 2. I have troubles getting things to work behind a load-balancing
> Apache because of the path. This one is really critical to me, let
> me explain:
>
> I have configured Apache with mod_proxy_balancer to distribute load in
> sticky sessions to a few images who all listen to
> localhost:xxxx/MyApp. Since my Pseudo-FileLibrary needs the session
> context, it is necessary that all traffic of a session goes to the
> same image. So far, so well-known and logical.
>
> The trouble is: my Application ist registered at: /MyApp, while the
> Pseudo-FileLibrary is registered at: /documents
>
> This means that Apache mod_proxy_balancer will redirect all requests
> that get sent to https://mydomain/documents to https://mydomain/MyApp,
> which means a link or img tag points to the login page instead of a
> document served by my Pseudo File Library. The Pseudo File Library
> never gets to see a request...
>
> I couldn't find a way to register a WARequestHandler subclass as a
> sub-path of a registered App. Because what I need is to register my
> Handler at /MyApp/documents.
>
> WAAdmin register: MyHandler at: 'MyApp/documents'
>
> throws an error: MyHandler doesNotUnderstand: key:.
>
>
> So: how can I register a WARequestHandler at a subpath like
> /MyApp/documents?
> Or, alternatively: how can I redirect incoming requests for
> /MyApp/documents to /documents within my image? (It seems hard to
> impossible to configure this on the Apache side...)
>
>
> Any ideas or hints?
>
>
>
> Joachim
>
>
>
>
>
> Am 30.03.21 um 14:54 schrieb Esteban Maringolo:
>> On Tue, Mar 30, 2021 at 6:51 AM Sven Van Caekenberghe<sven at stfx.eu> wrote:
>>> I would try to look at WAFileHandler, which is responsible for serving the files.
>> I thought about the same approach.
>>
>> 1. Implement some WARestrictedFileHandler subclass of WAFileHandler,
>> where you configure (via a preference or plain instVar) the identifier
>> of the app that has the session registry (e.g. 'myApp')
>> 2. In the handleFiltered: you get a reference to that WAApplication
>> and then you do something like:
>>
>> handleFiltered: aRequestContext
>> | app key session |
>> app := WAAdmin defaultDispatcher handlerAt: 'myApp'.
>> key := app trackingStrategy keyFromContext: aRequestContext.
>> key isNil
>> ifTrue: [ "generate the 403 response" ]
>> ifFalse: [
>> session := app cache at: key ifAbsent: [ nil ].
>> session isNil
>> ifTrue: [ "generate 403" ]
>> ifFalse: [ ("check whether session is valid" ) ifTrue: [^super
>> handleFiltered: aRequestContext] ifFalse: ["403..."]
>> ]
>> ]
>>
>> So the approach is to externally access the app session registry and
>> fetch the session from there.
>>
>> What is not clear to me is whether you want to restrict access to
>> regular Seaside FileLibraries or to some other mapping to static files
>> in a filesystem.
>>
>> Regards,
>>
>> Esteban A. Maringolo
>> _______________________________________________
>> seaside mailing list
>> seaside at lists.squeakfoundation.org
>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>
>
> --
> -----------------------------------------------------------------------
> Objektfabrik Joachim Tuchelmailto:jtuchel at objektfabrik.de
> Fliederweg 1http://www.objektfabrik.de
> D-71640 Ludwigsburghttp://joachimtuchel.wordpress.com
> Telefon: +49 7141 56 10 86 0 Fax: +49 7141 56 10 86 1
>
>
>
> _______________________________________________
> seaside mailing list
> seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
--
-----------------------------------------------------------------------
Objektfabrik Joachim Tuchel mailto:jtuchel at objektfabrik.de
Fliederweg 1 http://www.objektfabrik.de
D-71640 Ludwigsburg http://joachimtuchel.wordpress.com
Telefon: +49 7141 56 10 86 0 Fax: +49 7141 56 10 86 1
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squeakfoundation.org/pipermail/seaside/attachments/20210411/a810b6ca/attachment.html>
More information about the seaside
mailing list