in the future please keep responses on list :) yperl wrote: > Geoffrey Young a écrit : > >> >> I find myself wondering if you're trying to set the cookie in one >> phase and >> read it from the PerlResponseHandler _during the same request_? >> > > Yes. Is that usage not recommended? > Nothing in the doc is against that.
it wouldn't be in the docs - it's the nature of the HTTP protocol and how cookies interact with it. > > I'm creating the cookie in a PerlAccessHandler and reading it from > a PerlResponseHandler, in the same request. nope, can't do that :) it works like this... your access handler will set the Set-Cookie header, which goes to the client. when you try to read the cookie in from your PerlResponseHandler you aren't at the client yet, so there's no cookie to read back in yet - the client has yet to receive your cookie :) on the _next_ request the client will sent the Cookie header with its request and then you'll be able to glean it in your application. [lots of stuff snipped] > GET http://coro/gdlweb/resolver > User-Agent: lwp-request/2.07 > > GET > http://coro/gdlweb/resolver?utilisateur=sara&motdepasse=sara&target=accueil > --> 200 OK > Connection: close > Date: Tue, 14 Mar 2006 20:15:47 GMT > Server: Apache/2.2.0 (Unix) GDLWeb-BnF/0.3 mod_ssl/2.2.0 OpenSSL/0.9.7i > DAV/2 mod_apreq2-20051231/2.5.7 mod_perl/2.0.3-dev Perl/v5.8.8 > Content-Length: 0 > Content-Type: text/plain > Client-Date: Tue, 14 Mar 2006 20:15:47 GMT > Client-Peer: 192.168.1.3:80 > Client-Response-Num: 1 > Set-Cookie: foo=1142367347; path=/ yup, there it is. > > * Apache output: > > [Tue Mar 14 21:10:33 2006] [error] access to /gdlweb/resolver failed for > 192.168.1.3, reason: >>> cookie: none > > [Tue Mar 14 21:10:33 2006] [error] access to /gdlweb/resolver failed for > 192.168.1.3, reason: >>> JAR: $VAR1 = 'GET /gdlweb/resolver > HTTP/1.1\nTE: deflate,gzip;q=0.3\nConnection: TE, close\nHost: > coro\nUser-Agent: lwp-request/2.07\n\nHTTP/1.1 (null)\nSet-Cookie: > foo=1142367347; path=/\n\n';\n > > > > We can easily see that the dumped object $r contains the cookie named > "foo". no it doesn't. it has the Set-Cookie header it it, which is different from the Cookie header the client will send you it has successfully registered a cookie for your domain. but really, it sounds like you're trying to reinvent the wheel a bit - take a look at Apache::AuthCookie on CPAN for cookie-based authentication. and while you can find the nuances of cookies lots of places on the web, you might find this a useful read as well, as there are lots of interesting things you can do with cookies and authentication in general with mod_perl. http://www.modperlcookbook.org/chapters/ch13.pdf HTH --Geoff
