RE: How to keep persistant data between web apps

["Walden H. Leverich" <WaldenL@xxxxxxxxxxxxxxx>]

Scott,

Since I need to hit the header to translate the GUID to the int for the
SessionID I decided to store the LastAccess on the header. However, if
you use the GUID as a the key to the sessionentry file you could simply
sore a lastaccess on each entry. 

The cleanup routine would then check all the lastaccess timestamps for a
session and delete the session if none of them had been touched
recently. It's more IO in the cleanup routine, but less in the get/set
routines.

-Walden

------------
Walden H Leverich III
President & CEO
Tech Software
(516) 627-3800 x11
WaldenL@xxxxxxxxxxxxxxx
http://www.TechSoftInc.com

Quiquid latine dictum sit altum viditur.
(Whatever is said in Latin seems profound.)
  


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Scott Swaim
Sent: Friday, 18 February, 2005 12:00
To: Midrange Systems Technical Discussion
Subject: Re: How to keep persistant data between web apps

I think that I Will go this route.  have the initial log in program
generate 
a random session id.  Have this written to a file along with he
additional 
information that I would like to keep.  then just pass the session id to

every app from that point on.  Then each app would have a function that 
would use the sessionid to retrieve the additional info and use it for
that 
customer.  Updating a expiration date with every use so that after a 
specified period of time a server program would go through the file and 
remove all of the expired sessions.

Thanks for the insight.  I was leery of using the cookie/hidden field
method 
for the same reasons that Weldon gave.  Although I would not be keeping
any 
sensitive data such as Credit Cards, the data would be sensitive to my 
company.

Thanks again.

Scott Swaim
----- Original Message ----- 
From: "Walden H. Leverich" <WaldenL@xxxxxxxxxxxxxxx>
To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
Sent: Friday, February 18, 2005 10:09 AM
Subject: RE: How to keep persistant data between web apps


> >My first thought was to generate a session id that would then be
> written to
>>a file along with the additional info that I want to keep and then
have
> a
>>procedure that would retrieve the info based on the session id as the
> key.
>
> That's the way to do it. I can't speak for pages coming from RPG -- as
I
> don't do it that way -- but basically you define your own meaning of
the
> term "session." As it's generally implemented, a session is defined by
a
> cookie that's set on the client. Since the browser passes back the
> cookies for a site w/each request the cookie becomes your key into the
> session database.
>
> If your "applications" are held on different machines (or on different
> sites on the same machine) you'll need to extend the process used to
> pass the session key since cookies aren't passed between sites. But
when
> you're changing sites you could always pass the "cookie" as a form
> field, or as part of the URL.
>
> I've shared "sessions" between ColdFusion (JSP), ASP and ASP.NET
> applications hosted on several machines, works great. And thinking
about
> it now, there's no reason I couldn't add an RPG web-app into the mix,
it
> would continue to work.
>
>>From a DB point of view, my session system is rather simple. It's two
> tables, the first is the session header, the second the session
entries.
>
>
> Session table looks something like:
> SessionID int
> SessionKey Guid
> SessionIP int
> SessionCreate datetime
> SessionLastAccess datetime
>
> Session Entry table:
> SessionID int (FK to Session)
> SessionEntryKey varchar(50)
> SessionEntryValue varchar(200)
>
> The obvious limitation is that I can't store anything in session
that's
> greater than 200 bytes -- and that's ok in my case. If I needed to I
> could always store a BLOB and then serialize anything into session.
>
> As for usage, I've encapsulated all session access into get() and
set()
> functions. A call to either requires the SessionKey and
SessionEntryKey.
> Get() returns the SessionEntryValue for that key in that session,
Set()
> takes SessionEntryValue as a parm and sets the value in the database.
A
> call to either updates SessionLastAccess to be now.
>
> There's a background task that looks at all sessions and kills any w/a
> lastaccess more than xxx minutes old (we're set to 60).
>
> Oh, and SessionID (the int) is only used internally. The value that's
> passed back and forth is the sessionkey and looks like:
> F6724590-3EB6-4442-95D5-1471D04D6EB9 for example.
>
> Make sense?
>
> -Walden
>
>
> ------------
> Walden H Leverich III
> President & CEO
> Tech Software
> (516) 627-3800 x11
> WaldenL@xxxxxxxxxxxxxxx
> http://www.TechSoftInc.com
>
> Quiquid latine dictum sit altum viditur.
> (Whatever is said in Latin seems profound.)
>
>
>
> -----Original Message-----
> From: midrange-l-bounces@xxxxxxxxxxxx
> [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Scott Swaim
> Sent: Friday, 18 February, 2005 10:06
> To: MIDRANGE-L@xxxxxxxxxxxx
> Subject: How to keep persistant data between web apps
>
> I am just now starting to program for the web.  I am running V5R1
(with
> all
> current ptf's)  I am working through the easy400 deliverables and
> modifying
> them to meet my needs.  I am trying to create a web application
> framework
> that would allow our Distributors to log into the website and then
have
> access to there account information.
>
> The problem that I am facing now is try to keep data persistent
between
> applications.  I know that I can create a session HANDLE that will
allow
> for
> persistent for one app.  I would like for the user to log in using my
> own
> auth method and then keep the information (i.e. customer number, agent
> code,
> etc) to be used for other apps on the site.
>
> My first thought was to generate a session id that would then be
written
> to
> a file along with the additional info that I want to keep and then
have
> a
> procedure that would retrieve the info based on the session id as the
> key.
>
> I am new to this area for web programming.  I would like to stay with
> RPG as
> my language as that is what I am most familiar.  I am familiar with
PHP
> but
> I do not have the PASE environment installed on my machine to run PHP
> with
> my Apache server.
>
>
> Thank for any input.
>
>
> Scott Swaim
>
> -- 
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>
> -- 
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing

> list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
> 

-- 
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.