[Seaside] A session-aware kind of FileLibrary - how/where to start
jtuchel at objektfabrik.de
jtuchel at objektfabrik.de
Tue Apr 13 09:03:02 UTC 2021
Hi Annick,
thanks a lot for this information. Would've saved my sunday ;-)
I tried a few "something"s in that direction but failed, so I ended up
rewriting the whole thing to using WADocumentHandler. I am happy with
the results for now, but there is a feeling of "maybe it is not going to
be flexible enough in the future". So it is good to know this. I liked
the way a WAFileHandler worked in my dev image.
I wonder where/how you found this info?
Joachim
Am 12.04.21 um 09:51 schrieb List:
> Hi Joachim,
>
>
> You can register your files in a composite url by using 2 steps (for
> instance clubs/fichiers)
>
> (Seaside.WAAdmin defaultDispatcher handlers at: 'clubs')
> register: Seaside.WAFileHandler default
> at: 'fichiers’.
>
> Annick
>
>> Le 11 avr. 2021 à 14:11, jtuchel at objektfabrik.de
>> <mailto:jtuchel at objektfabrik.de> a écrit :
>>
>> I solved the problem differently, because this was going to be
>> complicated...
>>
>> I just found that WADocumentHandler is quite exactly what I was
>> looking for. It even has a few advantages for my use case: it doesn't
>> even need to transport any information about the file to the Browser,
>> it just renders a _d parameter and is only valid within the session.
>> A pity that I overlooked this at my first attempt to solve the
>> problem. It took me a few hours to rewrite things and now I have what
>> I wanted: I can serve files which have no guessable URLs and can only
>> be served within a session.
>>
>> It also solves the Apache Load Balancer problem, because the IMG or A
>> paramters are URLs within /MyApp, just like any other component. So
>> no need to register it in any location that can be handled correctly
>> by mod_proxy_balancer and stuff.
>>
>>
>> Thanks for listening and have a nice rest-of-the-weekend!
>>
>>
>> Joachim
>>
>>
>>
>>
>>
>> Am 11.04.21 um 07:45 schrieb jtuchel at objektfabrik.de:
>>> Esteban,
>>>
>>>
>>> I used your suggestion and it works very nicely. In development ;-)
>>>
>>> Here are 2 things I encountered in a deployed image
>>>
>>> 1. If the _s parameter is not the first one in the URL, the
>>> tracking Strategy will always return a nil key. Not sure why,
>>> especially in the light of the fact that this works fine in a
>>> dev image
>>> 2. I have troubles getting things to work behind a load-balancing
>>> Apache because of the path. This one is really critical to me,
>>> let me explain:
>>>
>>> I have configured Apache with mod_proxy_balancer to distribute load
>>> in sticky sessions to a few images who all listen to
>>> localhost:xxxx/MyApp. Since my Pseudo-FileLibrary needs the session
>>> context, it is necessary that all traffic of a session goes to the
>>> same image. So far, so well-known and logical.
>>>
>>> The trouble is: my Application ist registered at: /MyApp, while the
>>> Pseudo-FileLibrary is registered at: /documents
>>>
>>> This means that Apache mod_proxy_balancer will redirect all requests
>>> that get sent to https://mydomain/documents to
>>> https://mydomain/MyApp, which means a link or img tag points to the
>>> login page instead of a document served by my Pseudo File Library.
>>> The Pseudo File Library never gets to see a request...
>>>
>>> I couldn't find a way to register a WARequestHandler subclass as a
>>> sub-path of a registered App. Because what I need is to register my
>>> Handler at /MyApp/documents.
>>>
>>> WAAdmin register: MyHandler at: 'MyApp/documents'
>>>
>>> throws an error: MyHandler doesNotUnderstand: key:.
>>>
>>>
>>> So: how can I register a WARequestHandler at a subpath like
>>> /MyApp/documents?
>>> Or, alternatively: how can I redirect incoming requests for
>>> /MyApp/documents to /documents within my image? (It seems hard to
>>> impossible to configure this on the Apache side...)
>>>
>>>
>>> Any ideas or hints?
>>>
>>>
>>>
>>> Joachim
>>>
>>>
>>>
>>>
>>>
>>> Am 30.03.21 um 14:54 schrieb Esteban Maringolo:
>>>> On Tue, Mar 30, 2021 at 6:51 AM Sven Van Caekenberghe<sven at stfx.eu> wrote:
>>>>> I would try to look at WAFileHandler, which is responsible for serving the files.
>>>> I thought about the same approach.
>>>>
>>>> 1. Implement some WARestrictedFileHandler subclass of WAFileHandler,
>>>> where you configure (via a preference or plain instVar) the identifier
>>>> of the app that has the session registry (e.g. 'myApp')
>>>> 2. In the handleFiltered: you get a reference to that WAApplication
>>>> and then you do something like:
>>>>
>>>> handleFiltered: aRequestContext
>>>> | app key session |
>>>> app := WAAdmin defaultDispatcher handlerAt: 'myApp'.
>>>> key := app trackingStrategy keyFromContext: aRequestContext.
>>>> key isNil
>>>> ifTrue: [ "generate the 403 response" ]
>>>> ifFalse: [
>>>> session := app cache at: key ifAbsent: [ nil ].
>>>> session isNil
>>>> ifTrue: [ "generate 403" ]
>>>> ifFalse: [ ("check whether session is valid" ) ifTrue: [^super
>>>> handleFiltered: aRequestContext] ifFalse: ["403..."]
>>>> ]
>>>> ]
>>>>
>>>> So the approach is to externally access the app session registry and
>>>> fetch the session from there.
>>>>
>>>> What is not clear to me is whether you want to restrict access to
>>>> regular Seaside FileLibraries or to some other mapping to static files
>>>> in a filesystem.
>>>>
>>>> Regards,
>>>>
>>>> Esteban A. Maringolo
>>>> _______________________________________________
>>>> seaside mailing list
>>>> seaside at lists.squeakfoundation.org
>>>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>>>
>>>
>>> --
>>> -----------------------------------------------------------------------
>>> Objektfabrik Joachim Tuchelmailto:jtuchel at objektfabrik.de
>>> Fliederweg 1http://www.objektfabrik.de
>>> D-71640 Ludwigsburghttp://joachimtuchel.wordpress.com
>>> Telefon: +49 7141 56 10 86 0 Fax: +49 7141 56 10 86 1
>>>
>>>
>>>
>>> _______________________________________________
>>> seaside mailing list
>>> seaside at lists.squeakfoundation.org
>>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>>
>>
>> --
>> -----------------------------------------------------------------------
>> Objektfabrik Joachim Tuchelmailto:jtuchel at objektfabrik.de
>> Fliederweg 1http://www.objektfabrik.de
>> D-71640 Ludwigsburghttp://joachimtuchel.wordpress.com
>> Telefon: +49 7141 56 10 86 0 Fax: +49 7141 56 10 86 1
>>
>>
>> _______________________________________________
>> seaside mailing list
>> seaside at lists.squeakfoundation.org
>> <mailto:seaside at lists.squeakfoundation.org>
>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>
>
> _______________________________________________
> seaside mailing list
> seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
--
-----------------------------------------------------------------------
Objektfabrik Joachim Tuchel mailto:jtuchel at objektfabrik.de
Fliederweg 1 http://www.objektfabrik.de
D-71640 Ludwigsburg http://joachimtuchel.wordpress.com
Telefon: +49 7141 56 10 86 0 Fax: +49 7141 56 10 86 1
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squeakfoundation.org/pipermail/seaside/attachments/20210413/e34e3774/attachment.html>
More information about the seaside
mailing list