As one of the people experiencing issues with the session collisions I will attempt to explain how it manifests and my setup.
My server is a shared host, running Apache, python2.5 and Django is configured though fast-cgi (My host wont let me use mod-python). The way it seems to work is a new thread is spawned on each page request and terminated when the request is finished. The issues manifests when the sessions system generates a duplicate session id for two different users. Only 1 entry is entered into the DB, so both users are using the same session id, thus can (and do) have incorrect permissions and data. I am detecting the collisions by setting a setting a cookie value with the username they logged in with and checking it against the username in the session data. With the SVN implementation of session generation I get about 10% of my users getting an incorrect session when they login, with the latest patch I have gotten 0 collisions. The issue may actually be with the get_or_create() method of blocking collisions since if it generates a duplicate id it just grabs that data from the table and runs with it (I think), but whatever the actual cause of the issue the latest patch prevents it on my setup. *Adding this info to the ticket as well --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---
