Hi everyone, We have been looking at Core Session Tracking.
From the name of this product we thought this means this product enabled zope to track zope requests grouping some requests has a unique session, i.e, some way of zope tracking all requests from a specific client/browser/session.
But no, this is a session managment product, i.e, data_manager/container and a programming api. The core doesnt stands for a code leaving on zope core, i.e, somewhere between Zserver and Zpublisher, but this word core is more related to the physical place where sessions data are stored which goes from standard FileStorage to BerkeleyStorage on a ZODB3 model basis. There were/are other alternatives SQL, FileSystem, RAM, etc. This product offers a good api for one to implement sessions using either cookies, url rewriting or form hidden fields, and it is allready prepared to scale in a zeo cluster. But we think a really good CORE session tracking should be transparent and independent of this cookies/forms options. This means be able to install zope and have somewhere an option to turn on/off zope "really core session tracking". This means zope having the ability to do sessions using http1.1 persistent connections which medusa allready implements and also most current browsers. Then no need to generate Tokens and pass them with cookies or forms, there is allready a unique identifier between the server and the client and that is in medusa socket_map. What we think is that with zope one dont need to use cookies, or url rewriting, or forms hidden fields. We should be able to simply call a method in a standard_html_header which activates sessioning. And no need for cookies, or forms, or heavy code writing. We have actually made a small test using zserver/medusa/asyncore socket_map which is a list of all persistent connections (open zchannels) in a zope server. Of course there are technical considerations to implement a consistent solution but we have made a consistent proof-of-concept. Any comments? someone thought about this before? someone from CST development thought or is thinking on this possibility, i.e, zope really core session tracking using http1.1 and no need for cookies/forms/url_rewriting? Best Regards, JS PS.For reference: See the section "A Better Solution to Session Tracking: HTTP/1.1" on: http://www.internettg.org/newsletter/mar00/workshop_session_management.html _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp