It seems that when a REDIRECT is requested, apache/mod_perl chooses to
call back into itself, or resuse the same connection. In any case, when
certain redirects occur, the session is not written and the next
connection to use the process now has the same session id and session
data. It is not yet clear if this only happens when a new user comes
without a SET-COOKIE in the header, or if the SET-COOKIE is being ignored.
When we have a user in the page:
https://www.xulucorp.com/company/cartartwork.html
and we redirect back to the same page (not sure this is a good idea in
any case), the new user gets the existing session.
We are redirecting as follows:
$rdrloc=”https://www.xulucorp.com/company/cartartwork.html”;
$http_headers_out{'Location'} = [ $rdrloc, 302 ]; # we have tried with 301
Our routines are run from the html page using Execute with import set to
true, and clean defaulted (from the manual - set to zero). I have a
feeling that the CLEANUP handler is not being called, so the session is
not being written and $udat is not being cleared. The next user of the
process just inherits the session and the data.
I found a thread where someone was having a similar problem, by I don't
see it being solved:
http://www2.ecos.de/~mailarc/embperl/2002-12/msg00053.html
<http://www2.ecos.de/%7Emailarc/embperl/2002-12/msg00053.html>
---------------------
Server specs:
Fedora Core release 1 (Yarrow)
perl, v5.8.3 built for i386-linux-thread-multi
mod_perl/1.99_12
Embperl 2.0b11
Apache/2.0.50
----------------------
I may try it with CLEANUP set to 1 for immediate, but I am not sure if
that has any adverse effects besides server performance. We have had
similar issues when we used LOCATION redirects that were not absolute,
but the example above is an absolute redirect and the problem still exists.
Anyone have any ideas why this problem is occuring and what we need to
do to correct it?
Thanks for all your help,
Cliff
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
