André Warnier wrote:
Hi gurus.

Do I understand this correctly that if in a Perl Handler i get
my $c = $r->connection();
then $c is the object that represents the persistent TCP/IP connection between the browser and the server, in case there is "keep-alive" going on ?
>
Now lets say that I create an authentication method based on the Request (as they tend to be usually). On the first request, the authentication happens, and I set a $c->notes('credentials') value. I also set a browser cookie.

On subsequent requests, I could check this $c->notes('credentials') first, in case a previous request over the same connection already resulted in authentication, could I not ?

I just read the docs, and though it doesn't explicitly say that that that would, or wouldn't work, but the existance of $c->keepalives() makes me think that it would work. It'd be pretty easy to confirm though, so i'd suggest you do that.

In the worst case, the connection is new and I would not have these notes (meaning I then need to get the cookie, and in its absence redo an authentication); but in the vast majority of cases (depending on keep-alive), I could save myself some overhead by considering the connection as authenticated instead of the request, no ?

Or are there some pitfalls here of which I am ignorant ?
Or is the potential gain not worth the cost of getting the $r->connection ?

If you've got a heavily trafficked site, and confirming that your auth cookies are valid is expensive, then doing something like this could make sense. How much of an effect it's going to have is something that would be very dependent on the clients your site has more than anything though. You'd might want to do some investigation into how much of your traffic actually comes from from requests through a connection that was kept-alive by keep-alive.

It is an interesting idea though.

Adam

Reply via email to