Re: [Zope] generate unique user id, without cookies
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jonathan (dev101) wrote: > If you can't get cookies to work then you need to give users unique links > (ie. embed their id in an html link) or force the users to log in. For ideas on how to do the URL-embedded session ID stuff, take a look at the URL related APIs of the BrowserIdManager: - isBrowserIdFromUrl - encodeUrl - getAutoUrlEncoding - setAutoUrlEncoding The last two are probably what you want: if set, they cause all generated URLs to include the prefix '/{browser_id_name}/{browser_id}, which then gets picked out of the URL and stashed during traversal: this should give you the behavior you need, assuming that all URLs are being generated using 'absolute_url' and friends. Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software "Excellence by Design"http://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAktCPFwACgkQ+gerLs4ltQ4m0ACgxKqJXlwAunOYYlJqrnaKsemJ 7bQAnjsbKOt6lLMd4PUe5iGniKW0MdeB =Xxka -END PGP SIGNATURE- ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] generate unique user id, without cookies
> after having some weird issues with Sessions and ZEO usage I've found > out part of the problem. > It turns out certain browsers (IE6 mostly) save the session ID cookies, > but sometimes these disappear. This results in a new _ZopeId being > generated and thus the new session is empty. > > At first i thought it was a session product problem, but in recreating > this with my own session management (mysql based) the same issue arises. > > I don't know why this happens, the only obstacle I'm facing now is to > create an adequate solution ;) The cookie approach should work. You should be able to set persistent cookies on the client browsers (unless the browser has cookies disabled, in which case you should tell the user that they must enable cookies if they want to proceed). If you can't set persistent cookies then it could be due to a cross-browser scripting problem (ie. you are setting a cookie within an iframe that is loaded from a third-party site) or you are not setting the appropriate fields in the cookie to make it persistent. You should try to investigate the cause of the "cookie disappearance" (use a tool to look at the http headers that are sent/received). If you can't get cookies to work then you need to give users unique links (ie. embed their id in an html link) or force the users to log in. Jonathan ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] generate unique user id, without cookies
after having some weird issues with Sessions and ZEO usage I've found out part of the problem. It turns out certain browsers (IE6 mostly) save the session ID cookies, but sometimes these disappear. This results in a new _ZopeId being generated and thus the new session is empty. At first i thought it was a session product problem, but in recreating this with my own session management (mysql based) the same issue arises. I don't know why this happens, the only obstacle I'm facing now is to create an adequate solution ;) Because the cookie method is not flawless we've decided to create a way to uniquely determine a user without using a client side cookie, we are already using the IP address for this, Of course that is not enough, so I was wondering what other 'unique' elements could be used for this. I've thought about adding user agent, but this is to general I think. Internal IP would be ideal, but I'm not sure this can be done (probably not). Maybe there are also 'other' zope session products that work in another way and might fix my problems as a whole? ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )