R: [Chameleon] Chameleon authorization

gianluigi nozza gianluigi.nozza at tiscali.it
Thu Oct 12 05:05:03 EDT 2006

I didn't realize that chameleon should have a garbage collection feature
capable of erase expired session (based upon the value of
session.gc_maxlifetime in php.ini). I also have seen that the garbage
collection process has a default probability of 1/100 to start each time a
session is started, but even setting the probability to 100/100 apparently
garbage collection never starts (so you have to delete old sessions
manually). I have seen some post in the past already stating the problem. As
far as I know no bug report is opened about, maybe the DM solution team
could verify ?

-----Messaggio originale-----
Da: Julien-Samuel Lacroix [mailto:jlacroix at mapgears.com] 
Inviato: mercoledì 11 ottobre 2006 17.50
A: gianluigi nozza
Cc: chameleon at lists.maptools.org
Oggetto: Re: [Chameleon] Chameleon authorization

Chameleon should delete old session itself based on the session 
parameters in php.ini. If not, please open a bug.

One thing you can do is to set the Visible or Enabled parameter in your 
widgets based on the user logged. I know someone already did that, but 
don't remember who.


gianluigi nozza wrote:
> Hi all,
> I took a look to the sample_user and sample_admin phtml files to try a 
> simple authorization feature in Chameleon. I was able to setup a demo 
> application with authorization capabilities but I found that destroing 
> sessions (for example when you clean the tmp directory) also destroy the 
> sql_lite dbase in wich passwords are probably stored, so I have modified 
> the examples above to write and read files in another directory. It 
> works ! so I can clean up the tmp directory without having to define 
> each time the authorized users.
> Is it a correct approach ? or for some reason I can’t figure out, the 
> dbase must reside in the tmp directory ?
> Another question; at this point, when you have authorized an user, how 
> can you provide different functionality to your application ? I have 
> seen that one approach could be serving different templates based upon 
> the user name logged, but this of corse requires a lot of customization 
> work. Other approaches ?
> Gianluigi
> ------------------------------------------------------------------------
> _______________________________________________
> Chameleon mailing list
> Chameleon at lists.maptools.org
> http://lists.maptools.org/mailman/listinfo/chameleon

Julien-Samuel Lacroix

More information about the Chameleon mailing list