On Feb 16, 2014, at 16:35, Jeff Dairiki <[email protected]> wrote:
> On Sun, Feb 16, 2014 at 12:36:51PM -0600, Theron Luhn wrote: >> Thanks for letting me know. I'll look into pyramid_redis_sessions. > > Not meaning to fan a smoldering thread here, but, if cookie-based > session storage (where all the data goes in the cookie and there is > no server-side storage of session data) will work in your use case, > that is probably the most painless way to go. > > Pyramid provides for cookie-based session storage natively. Pyramid > 1.5 provides SignedCookieSessionFactory for this. > > > http://docs.pylonsproject.org/projects/pyramid/en/1.5-branch/narr/sessions.html > > Older pyramids provide UnencryptedCookieSessionFactoryConfig: > > > http://docs.pylonsproject.org/projects/pyramid/en/1.4-branch/narr/sessions.html > > No redis required. When your server fails-over, not only will there > (hopefully) be no exceptions thrown, but there will be no session > data lost, since its all stored client-side. > > More context here: > > > https://groups.google.com/forum/#!searchin/pylons-discuss/session|sort:date/pylons-discuss/RQjev5QXBqc/Xf1pUHXl1-0J > > Jeff The biggest thing to remember is to keep the secret used the same across both instances, so that when the failover occurs the other server can correctly verify that the data has not been tampered with. Bert
smime.p7s
Description: S/MIME cryptographic signature
