On 10 Jun 2009, at 09:40, Francesc Romà i Frigolé wrote:
1) static performance: serving static files directly from apache is
much faster than through catalyst. I find it specially noticeable
with big files like large pictures and pdfs. Some of the files
should not be public. If I do authentication in catalyst I can't
serve them directly from apache.
Nod so.
Look at mod_sendfile, which implements lighty's X-SendFile
Personally, I use nginx and its X-Accel-Redirect as I'm proxying
files from other web servers (MogileFS), rather
than serving them from local disk. But either way - you can do your
Authentication, Authorization and Auditing in Catalyst, then delegate
back to your web server for actually shoveling the bytes down the wire.
2) dynamic/AJAX laziness: pages that use XMLHttpRequest stop
working when authentication expires. Unless I manually detect the
condition and allow the user to re-authenticate. Using HTTP auth
should let the browser take care of this.
Erm, the reason that this will never fail with HTTP auth is that http
auth never expires (well, it always lasts one browser session), and
the browser sends the auth credentials with each request.
You can get the same effect by setting the correct options on your
session cookie.
Cheers
t0m
_______________________________________________
List: [email protected]
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
