> > Oh no, the framework doesn't depend on using a session
> > at all. Just this particular auth module depends on
> > plugging in the session beforehand.
>
> So I have to have a persistant backstoring session in
> order to use the auth module?
Well, now, but as you recommended, maybe not neces
Mark Hedges wrote:
- a lot of times people use references to
other structures when they should subclass... these
references function only to re-map arguments to other
modules, which is ridiculous.
Careful on the should. It can seem extra and possibly confusing but
isn't always. Delegation i
On Wed, 31 Dec 2008, Foo JH wrote:
> Mark Hedges wrote:
> > http://search.cpan.org/~markle/Apache2-Controller-1.000.001/
> Very interesting. I have a controller which functions in a
> slightly different way, but it's good to see alternative
> approaches. I think yours makes life easier.
Thanks Fo
Mark Hedges wrote:
On Tue, 30 Dec 2008, David Ihnen wrote:
in the meantime server 556 dublin suffered a network
connector air gap issue. A trouble ticket has been
created. These things happen.
client -> GET -> load balancer ->
server 22 london -> looks up saved requestbody !!!
This is th
On Tue, 30 Dec 2008, David Ihnen wrote:
>
> in the meantime server 556 dublin suffered a network
> connector air gap issue. A trouble ticket has been
> created. These things happen.
>
> client -> GET -> load balancer ->
> server 22 london -> looks up saved requestbody !!!
>
> This is the proble
Mark Hedges wrote:
Thanks I really do appreciate your comments.
On Mon, 29 Dec 2008, David Ihnen wrote:
Yes, I am aware of how OpenID works. And it works in-band
unless the application explicitly sidelines it - there is
no inherent side-band communication that the client and
server will use
Thanks I really do appreciate your comments.
On Mon, 29 Dec 2008, David Ihnen wrote:
> Yes, I am aware of how OpenID works. And it works in-band
> unless the application explicitly sidelines it - there is
> no inherent side-band communication that the client and
> server will use - otherwise, yo
Mark Hedges wrote:
On Mon, 29 Dec 2008, David Ihnen wrote:
Though that is, of course, specific to the application
being programmed, utilizing client-side javascript active
stuff rather than particular web server programming to
transparently handle it on the server side using basic
html2.0 typ
On Mon, 29 Dec 2008, David Ihnen wrote:
>
> Though that is, of course, specific to the application
> being programmed, utilizing client-side javascript active
> stuff rather than particular web server programming to
> transparently handle it on the server side using basic
> html2.0 type structure.
Mark Hedges wrote:
On Mon, 29 Dec 2008, David Ihnen wrote:
Say the application's session times out, but the user
posts something by clicking submit.
They are redirected to the OpenID server but it says
they are still logged in and returns a positive
response.
But you can't know that
On Mon, 29 Dec 2008, David Ihnen wrote:
> > Say the application's session times out, but the user
> > posts something by clicking submit.
> >
> > They are redirected to the OpenID server but it says
> > they are still logged in and returns a positive
> > response.
>
> But you can't know that they
Mark Hedges wrote:
The question is, since the handler doing the preservation
and installing the input filter also instantiates an
Apache2::Request object, when it gets to the response phase
controller, will the response handler's Apache2::Request
instance read the replaced data or the cached dat
Mark Hedges wrote:
[...]
Hi.
Not to discourage you, but to point out some additional aspects..
There is a Belgian proverb that says essentially "one should not try to
be more catholic than the pope".
What I mean by that is that there are many twists to web authentication,
and it is really h
On Sun, 28 Dec 2008, André Warnier wrote:
> > > > But when they come back from the OpenID server, how
> > > > do I put the saved request body or post params into
> > > > the new request?
> >
> In Apache2::AuthCookie, the author uses a trick : convert
> your POST to a GET see the sub convert_to_ge
Fred Moyer wrote:
On Sun, Dec 28, 2008 at 12:08 AM, Mark Hedges wrote:
On Sat, 27 Dec 2008, Mark Hedges wrote:
Hi, I'm trying to figure out how to preserve the request
body across an OpenID login redirect cycle.
...
But when they come back from the OpenID server, how do I put
the saved request
On Sun, Dec 28, 2008 at 12:08 AM, Mark Hedges wrote:
>
> On Sat, 27 Dec 2008, Mark Hedges wrote:
>> Hi, I'm trying to figure out how to preserve the request
>> body across an OpenID login redirect cycle.
>> ...
>> But when they come back from the OpenID server, how do I put
>> the saved request bo
On Sat, 27 Dec 2008, Mark Hedges wrote:
> Hi, I'm trying to figure out how to preserve the request
> body across an OpenID login redirect cycle.
> ...
> But when they come back from the OpenID server, how do I put
> the saved request body or post params into the new request?
Aha, I didn't quite
Hi, I'm trying to figure out how to preserve the request
body across an OpenID login redirect cycle.
This handler is running as a PerlHeaderParserHandler.
Say the application's session times out, but the user posts
something by clicking submit.
They are redirected to the OpenID server but it sa
18 matches
Mail list logo
