Thanks Kevin! But I think of something... In my desktop environment, I create another Model object call "Session". Instead of doing a db:migrate, I just create the model itself only because I have the "sessions" table already in the database.(I use Activerecord as my session_store) And I use Session.find(:all).each do .... to sweep out all stale sessions whenever anyone trys to login to application. In other words, I put the house-keeping job in the login mechanism. This idea works fine. But there is one draw-back I can think of: the last one logs in to the system will never expire. What do think about this idea? Any other suggestion?
Mega On Apr 13, 6:28 am, Kevin Triplett <[EMAIL PROTECTED]> wrote: > Hi -- this is an interesting issue. I've been wanting to > learn more about scheduling automated tasks in Ruby on > Heroku but haven't gotten there yet. My sessions tend to > time out after a long period of time, so I haven't > researched it thoroughly. > > But that won't keep me from commenting on both, since no one > else has. ;) > > Dave Naffis' plugin looks reasonable, it's simple, which > might explain why he didn't write any test code. I would be > tempted to use it, too. > > Sweeping the database is a good idea, maybe even sweeping > sessions that were created_at more than "X time ago" to > catch attackers who hijack a session and run a script to > keep it from expiring. > > For cron-like tasks, Ilya Grigorik wrote an > article:http://www.igvita.com/2007/03/29/scheduling-tasks-in-ruby-rails/ > > From his article, it looks like OpenWFEru is a good choice > and it's a standalone gem now so quite possibly Heroku may > have it available. > > I would be concerned with any scheduler crashing. Make sure > there is some way it can be restarted automatically and a > log entry created or an email notification sent so you can > detect problems. > > Good luck! > Kevin Triplett > > mega wrote: > > Dears, is there any good way to do a session expiration in Heroku? or > > any rules to follow? > > I'm a rookie in rails, and Heroku of course, Lately, I have just > > created some simple apps in Heroku. I notice that there are some house- > > keeping work to do with user sessions. Even thought I use activerecord > > as my session_store, I still worry about possible sessions left over > > by unpredictable end-users. Reading over articles on "rails seesion > > expiration", I get 2 ways to do that. > > First, setup a cron job to clear delete those expired sessions data in > > the database. If this is the better way, then how can I set up a cron > > job in Heroku ? > > Secondly, install a session_expiration plugin offered by Dave Naffis > >http://trac.intridea.com/trac/public/wiki/SessionExpiration. > > Here is how it works: Install like "script/plugin install > >http://svn.intridea.com/svn/public/session_expiration";, and then > > simply declear "expire_session_in 5.minutes" in my > > ApplicationController. > > But the problem is, how can I install this plugin in Heroku? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Heroku" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/heroku?hl=en -~----------~----~----~----~------~----~------~--~---
