[Catalyst] Re: Production session issue - commercial
supportinquiry?
Matt Pitts
mpitts at a3its.com
Fri Jan 9 03:55:06 GMT 2009
> -----Original Message-----
> From: Aristotle Pagaltzis [mailto:pagaltzis at gmx.de]
> Sent: Thursday, January 08, 2009 5:38 PM
> To: catalyst at lists.scsys.co.uk
> Subject: [Catalyst] Re: Production session issue - commercial
> supportinquiry?
>
> * Matt Pitts <mpitts at a3its.com> [2009-01-08 21:50]:
> > The actual information is in the model, I'm just using the
> > session to store a reference - $c->session->{cart_id}. Also,
> > C::Authentication is using the session to store logged in user
> > info. My usage of Session is very basic and the only thing
> > being written to the cookie is the session id. I don't think
> > P::AuthenCookie would help in this situation.
>
> Exactly the opposite! You’re not using the session mechanism for
> much of anything and it’s not working properly. What other effect
> than a positive one could eliminating sessions have? AuthenCookie
> tamper-proofs the cookie and you can store a cart owner in the
> cart data so you can auth-check it; presto, no session necessary.
Ok, I see your point. Although I hate the idea of working around the problem rather than solving it, if switching over to this eliminated the problem it certainly would narrow the search field.
I'll look into this more and see how difficult it would be to do this across the app.
Thanks,
-matt pitts
More information about the Catalyst
mailing list