R: [Chameleon] Chameleon authorization
gianluigi nozza
gianluigi.nozza at tiscali.it
Thu Oct 12 05:05:03 EDT 2006
I didn't realize that chameleon should have a garbage collection feature
capable of erase expired session (based upon the value of
session.gc_maxlifetime in php.ini). I also have seen that the garbage
collection process has a default probability of 1/100 to start each time a
session is started, but even setting the probability to 100/100 apparently
garbage collection never starts (so you have to delete old sessions
manually). I have seen some post in the past already stating the problem. As
far as I know no bug report is opened about, maybe the DM solution team
could verify ?
-----Messaggio originale-----
Da: Julien-Samuel Lacroix [mailto:jlacroix at mapgears.com]
Inviato: mercoledì 11 ottobre 2006 17.50
A: gianluigi nozza
Cc: chameleon at lists.maptools.org
Oggetto: Re: [Chameleon] Chameleon authorization
Hi,
Chameleon should delete old session itself based on the session
parameters in php.ini. If not, please open a bug.
One thing you can do is to set the Visible or Enabled parameter in your
widgets based on the user logged. I know someone already did that, but
don't remember who.
Julien
gianluigi nozza wrote:
> Hi all,
>
> I took a look to the sample_user and sample_admin phtml files to try a
> simple authorization feature in Chameleon. I was able to setup a demo
> application with authorization capabilities but I found that destroing
> sessions (for example when you clean the tmp directory) also destroy the
> sql_lite dbase in wich passwords are probably stored, so I have modified
> the examples above to write and read files in another directory. It
> works ! so I can clean up the tmp directory without having to define
> each time the authorized users.
>
> Is it a correct approach ? or for some reason I cant figure out, the
> dbase must reside in the tmp directory ?
>
> Another question; at this point, when you have authorized an user, how
> can you provide different functionality to your application ? I have
> seen that one approach could be serving different templates based upon
> the user name logged, but this of corse requires a lot of customization
> work. Other approaches ?
>
> Gianluigi
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Chameleon mailing list
> Chameleon at lists.maptools.org
> http://lists.maptools.org/mailman/listinfo/chameleon
--
Julien-Samuel Lacroix
Mapgears
http://www.mapgears.com/
More information about the Chameleon
mailing list