Le mercredi 14 mars 2012 à 08:49 +0100, Timon Roth a écrit : > in the module i figure out the cookie from the %ENV-hash, validate it > and i can make a decision, if the request is allowed or not. > > my problem now is, of i redirect th the directory, the access-process > falls into an infinte loop..:-(
Hi, I use the HeaderParser phase for this. My module grabs the session id from the cookie, and retrieves the session data from the appropriate database. If the data is valid, it lets the request through, otherwise, it redirects the client (in my case to login form). I don't have a high traffic site, so I can't tell how well it scales. It's quite fast for my needs, though. I pasted the code here : http://pastebin.com/rm8fcqiS HTH -- Vincent Veyron http://marica.fr/ Logiciel de gestion des assurances et des contentieux pour le service juridique