I am talking about the original persons problem. If you think you are, then you aren't explaining things very well so the original poster and others would possibly be able to understand. At the moment you seem to be offering no solution at all.
Back to the original problem, a session cookie is by default going to be bound to the server host name. Since this disambiguation doesn't include the port, you will have problems with having two separate web application installations which are under same host name, but different ports. The only way to resolve that is for each web application instance to use a different name for the name of the session cookie. That way two distinct cookies will be recorded in the web browser and although both would end up being sent to both installed web applications on the separate ports, because they would be distinguishing based on the name of the session cookie, they wouldn't care about the other and wouldn't interfere with each other. In Django you can set the SESSION_COOKIE_NAME variable in its settings file to enable this trick. Does web2py have an equivalent feature whereby the name of the session cookie can be overridden? If it doesn't, then OP poster wouldn't be able to do what he wants and thus a limitation of web2py. The only other way that sessions for different web application instances using same framework can be distinguished is where they are mounted at different non overlapping sub URLs. What would be done here is rather than change the name of the session cookie, one would set the path attribute of the cookie so that that specific cookie would only be sent by the web browser along with requests which fall under that sub URL for a host. If that path attribute is not present, the default is effectively '/' and so cookie sent no matter what URL is for that host. In other words, by setting path attribute of session cookie, web browser will separate cookies without needing to change the name of the cookie. In Django you can set the SESSION_COOKIE_PATH variable in its settings file to enable this trick. Does web2py have an equivalent feature whereby the context of what the session cookie applies to can be limited? While we are at it, does web2py allow the domain of the session cookie to be changed. That is, rather than a session cookie being limited to a single host, it could be changed to apply to an enmcompassing parent domain. In Django you can set the SESSION_COOKIE_DOMAIN variable in its settings file to enable this trick. Does web2py have an equivalent feature to control this and as a result would potentially allow a single web2py instance to be used to serve multiple host names under some common parent domain? So, look up those features of Django and how they work and then answer whether web2py has equivalent feature. If the answer for SESSION_COOKIE_NAME is yes, the OP can do what he wants. If the answer is no, then he can't do what he wants. Graham On Oct 21, 10:18 am, mdipierro <mdipie...@cs.depaul.edu> wrote: > Hi Graham, > > the session is linked to the application, not to the web2py > installation. If you install the same app twice under web2py, for > example, each of them gets its own set of sessions. Each app has its > own session name and I think that is what you refer to. > > web2py does not allow (by default) the same user to access the same > application under the same web2py from the same browser, at the same > time, because it would mess up the internal workflow of the > applications. If an action does not need to access the session, it can > release the lock. > > Massimo > > On Oct 20, 6:04 pm, Graham Dumpleton <graham.dumple...@gmail.com> > wrote: > > > > > Other web frameworks allow you to customise the name of the session > > cookie to avoid this sort of problem where different applications run > > on different ports under same host name. Other web frameworks also > > allow one to cleanly mount multiple instances of an application under > > different sub URLs of same host/port and where they need different > > session contexts, allow you to have the session cookie path be the sub > > URL so they are distinct for each instance. > > > If web2py can't do this, it is a design/implementation limitation, not > > a feature. > > > Graham > > > On Oct 21, 12:21 am, mdipierro <mdipie...@cs.depaul.edu> wrote: > > > > It is not going to be the same session. By default each app has its > > > own sessions and session keys. There is no sharing between apps. You > > > can, optionally, have one app retrieve the session keys and sessions > > > of another app but it is not a goo idea. > > > > Massimo > > > > On Oct 20, 5:50 am, Alex Fanjul <alex.fan...@gmail.com> wrote: > > > > > Thanks Massimo, > > > > one quick and maybe newbi question: if you have 2 applications (in the > > > > same server), and each application has his own session directory to > > > > store private session data, how does the server know that you are > > > > openning the "same session" in the two apps? and.. is it actually the > > > > same session even within the same browser? maybe this concern contexts, > > > > and so... > > > > > regards, > > > > alex f > > > > > > To clarify. This is not a bug. This is a feature. > > > > > > As long you store server side, web2py prevents the same user from > > > > > opening the same session twice. There is no concurrency problems for > > > > > different users. There is no problem if the same user uses two > > > > > distinct sessions (by using different browsers or different machines). > > > > > > Massimo > > > > > > On Oct 19, 4:44 pm, Alex Fanjul<alex.fan...@gmail.com> wrote: > > > > > >> Wow, this sounds me!! > > > > >> In the enterprise I'm working (by now) we have a big social network > > > > >> product (in a mix of perl and private language), and we in fact > > > > >> suffer > > > > >> from similar sessions problems/issues. > > > > >> I deed, if you have 2 applications in the same server the sessions > > > > >> are > > > > >> messed like this example... > > > > >> I think this could have to take into consideration. ¿or not? > > > > > >> Alex F > > > > > >> El 19/10/2009 16:32, Wes James escribió: > > > > > >>> On Mon, Oct 19, 2009 at 8:26 AM, SergeyPo<ser...@zarealye.com> > > > > >>> wrote: > > > > > >>>> Run two different web2py applications on same machine using two > > > > >>>> different ports (127.0.0.1:8000 and 127.0.0.1:8002). Open two > > > > >>>> browser > > > > >>>> windows for two apps (two tabs in Safari). > > > > >>>> Log in 1st application admin in 1st window. > > > > >>>> Log in 2nd app admin in 2nd window. > > > > >>>> Try to do smth in 1st window - it will ask you for password. > > > > > >>>> Is it intended behaviour or sessions do not take port number into > > > > >>>> account? > > > > > >>> When you have a browser open, a session is active across all > > > > >>> windows. > > > > >>> The only way to get around this is to open a different browser. i.e. > > > > >>> browser one is safari, browser two is firefox or opera, etc. > > > > >>> Firefox > > > > >>> 3.5.3 has private browsing, but I don't know how that would work in > > > > >>> this situation. Does private browsing put your sessions in a black > > > > >>> box that no other browser window (of the same browser instance) can > > > > >>> see?? > > > > > >>> -wes > > > > > >> -- > > > > >> Alejandro Fanjul Fdez. > > > > >> alex.fan...@gmail.comwww.mhproject.org > > > > > -- > > > > Alejandro Fanjul Fdez. > > > > alex.fan...@gmail.comwww.mhproject.org --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to web2py@googlegroups.com To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
