Hi- Although yes, Zope does provide session management of its own, it is not automatically activated. I do not currently use it. In addition, I do not want one server to think the user is logged in while the other server thinks the session has expired. What I may do is create another table in PostgreSQL to store the session ID and then have Zope and my asp pages both access that. If Josh has any ideas on a cleaner way to do this that is closer to what I originally intended, he can chime in when he wakes up :) --Quentin On Friday, July 12, 2002, at 12:53 AM, Joel Hughes wrote:
> Ok Quentin, > will I don't know much about Zope but I do know that it must have some > sort > of session management of its own. > > Why don't you do this: > when the user hits Zope and there is not username/password in the Zope > session then Zope redirects to the ASP login page. > The user then logs in and the page 'knows' that it came from Zope > (querystring/POST hidden data/referrer whatever way you want to do it) > and > so POSTs back to a Zope (via SSL if you like) 'logged in' page which > takes > the POSTed username/password and sticks it in the Zope session vars. > > joel > > > -----Original Message----- > From: Quentin Smith [mailto:[EMAIL PROTECTED]] > Sent: 12 July 2002 05:32 > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Re: Accessing $Session Outside Apache? > > > Hi- > I'd like to have a user be able to start either on Apache or Zope. Zope > should sense if the user has a current session (I think I can manage > this). If not, it will redirect the user to an ASP login form. The ASP > login form will then sense that the user came from Zope and then send > them back. In other words, I want my one login form in Apache to process > logins for both Apache and Zope. Since all important data is in a > PostgreSQL database, all I need is to be able to pass the username back > and forth with a reasonable amount of security (thus I can't just pass > the username as a cookie.) All I need is read-only access to the > $Session from Zope. If the user's session variable has not expired, I'd > like them to be able to access any page on either server. > I hope I have explained myself clearly. > --Quentin > P.S. If you're curious, I have www.Squishdot.org set up in Zope, and I'd > like to integrate it into my existing site. Although if you do enough > reading, you will see that Zope runs well with Apache as a proxy, this > will not work in my situation. > On Friday, July 12, 2002, at 12:19 AM, Joel Hughes wrote: > >> HI Quentin, >> interesting set up you have here.... ;-) >> >> 1does the web user pass from Apache to Zope and then back to Apache? >> I.e. is >> this serial? >> >> If the answer to is yes then I would POST the data to Zope on the "jump >> off" >> page in Apache. Zope can then always POST the data back to Apache for >> it to >> place back into $Session. >> >> ...or are you saying that you want Zope and Apache to have simultaneous >> access to this session data (why? is a user on 2 pages at the same >> time?) >> >> joel >> >> >> -----Original Message----- >> From: Quentin Smith [mailto:[EMAIL PROTECTED]] >> Sent: 12 July 2002 04:43 >> To: [EMAIL PROTECTED] >> Subject: Accessing $Session Outside Apache? >> >> >> Hi- >> I'd like to access a variable I've set in $Session *outside* Apache. My >> global.asa sets a couple variables in $Session which are based on a >> username/password the user provides. As such, I can't pass the data >> through a regular cookie. I'd like to pass data from my web server, >> running on port 8081, to another web server (www.Zope.org), running on >> port 8080 (don't ask). I think I'll have to 1) get Apache::ASP to >> send a >> different Set-cookie header to allow it to be passed to other ports on >> the same host and 2) figure out some way to safely access my StateDir >> (/tmp/hbschools/, if it matters) without corrupting it. Ideally I'd >> like >> to be able to access the session from python, although I wouldn't mind >> calling a perl script. I only need to access one variable from the >> $Session. >> I await your help, >> --Quentin >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
