Commented: (MODPYTHON-111) Sessions don't set accessed time

Web Server Talk > Web Servers reviews > Apache Server configuration support > Apache Mod-Python > Commented: (MODPYTHON-111) Sessions don't set accessed time

Last Thread Next Thread Next

Commented: (MODPYTHON-111) Sessions don't set accessed time

Graham Dumpleton (JIRA)

01-21-06 11:32 PM

[ http://issues.apache.org/jira/brows...236
3542 ]

Graham Dumpleton commented on MODPYTHON-111:
--------------------------------------------

Note that making such a change could have noticeable consequences as far as 
performance goes. Where login based session authentication is used to cover 
access to everything in a directory, including auxiliary files such as stati
c images included in a HTML
page, you would incur the override of a commit on every single access, inclu
ding to the images. In those situations it is preferable that only the page/
code with represents the core resource should perform the commit for time ac
cessed. The only way you c
an achieve this is to leave it as now and for the programmer to code the com
mit explicitly in the required place. If you auto commit on every access, yo
u impose the performance hit on everyone and doubly so for existing code whi
ch already performs the req
uired commit. Thus changing this may have a significant impact on existing c
ode.

BTW, a lot of those other systems probably came along after mod_python imple
mented sessions. They also do what they do as part of a bigger picture of ma
king it easier for dumb users to use the systems. An aim of mod_python on th
e over hand is performance,
control and flexibility. By auto commiting, you have taken away just a littl
e bit of that control as once done you can't revert the change. It is thus p
erferable that if you want auto commit, you implement it in a layer above th
e API that is provided. Si
nce a good design would implement session creation in a web application in o
ne spot, it means you only have to accomodate for it in one spot, so in prac
tice it should not be a big drama for a user to do themselves.

> Sessions don't set accessed time on read
> ----------------------------------------
>
>          Key: MODPYTHON-111
>          URL: http://issues.apache.org/jira/browse/MODPYTHON-111
>      Project: mod_python
>         Type: Bug
>   Components: session
>     Versions: 3.1.4
>  Environment: Suse 10, Apache2 worker
>     Reporter: Sebastjan Trep?a

>
> When you read or access session it does not set new accessed time so it ev
entually dies(depends on the timeout).
> It only sets the accessed time when you save the session and that is not h
ow sessions normally function(at least not on all other systems). IMHO it sh
ould set its accessed time when it was actually accessed and not only when s
aved.
> A bit more about this issue can be found here: http://www.modpython.org/pipermail/...ary/019889.html

[ Post a follow-up to this message ]