[Zope] Core Session Tracking 0.9 Released
Chris McDonough
chrism@zope.com
Fri, 05 Oct 2001 02:31:07 -0400
Hi Folks,
A new version of the Core Session Tracking product (the first one in six
months!) has been released. Core Session Tracking is a Product which
allows you to easily associate transient data with anonymous users.
The product is available from
http://www.zope.org/Members/mcdonc/Products/CoreSessionTracking. To
upgrade from prior releases, just remove the "old" CoreSessionTracking
product directory and install this one as per the install instructions
in the help/CoreSessionTracking.stx document.
A list of changes since the last version is:
- Took advantage of securityinfo module and new BTrees modules. As
a result, CST 0.9 is incompatible with releases of Zope prior to
Zope 2.3.2.
- Objects are now acquisition-unwrapped before being placed into
session storage (thanks to Matt Hamilton)
- A SessionData object's __setitem__ may now be called from a
Python Script, it failed previously with a security error.
- Fixed bug in SessionDataManager security assertions which
made it impossible to change security parameters (thanks to
Uwe C. Schroeder).
- Fixed constructor number of parameter bugs (thanks to Chris
Withers).
- Fixed bugs that made isTokenFromForm, isTokenFromCookie, and
isTokenNew methods virtually useless (thanks to Frank Tegtmeyer).
- added flushTokenCookie method, which deletes the token cookie from
the client browser with prejudice. This method is useful when
you want to start out completely fresh with a different token.
- Fixed bug which caused a "TypeError: loop over non-sequence" at
startup under Zope 2.4.X in the Interfaces module which caused
the product to not be initialized properly. (Thanks to Chris
Withers and Joachim Werner).
- Added multithread test cases to testSessionDataManager.
- SessionFanout _getleaf method made more efficient by making
allowed_hashes a dictionary (thanks to Anthony Baxter).
- Added 'getName' alias to SessionData's 'getId' method for
compatibility with code written for SQLSession (thanks to
Anthony Baxter).
- SessionDataContainer keys are now required to be strings
(thanks to Anthony Baxter).
- Added a new method to SessionDataManagers, "getSessionDataByKey",
which provides a way to obtain an arbitrary session data object
by feeding it a key (as opposed to getSessionData, which always
obtained the session data object related to the current token).
A user needs to possess a special permission to be able to do this.
- Added conflict resolution to (RAM-based, internal) SessionStorage.
- Made internal data container use "LowConflictConnection" class for
its ZODB connections. This class operates differently than the
standard Connection class because it doesn't raise "read" conflict
errors.
- Removed "AutoExpireMapping" class and merged its functionality into
SessionDataContainer.
- Removed "SessionFanout" module (unecessary because we're not trying
to support pre-2.3.2 Zopes).
- Refactored tests slightly.
- Added SessioningPermissions and common modules.
Thanks!
--
Chris McDonough Zope Corporation
http://www.zope.org http://www.zope.com
"Killing hundreds of birds with thousands of stones"