4Suite API Documentation

Module Ft.Server.Server.Http.Session

HTTP session management. Inspired by the Java Servlet API at: http://java.sun.com/products/servlet/2.2/javadoc/javax/servlet/http/package-summary.html (particularly javax.servlet.http.HttpSession)
Copyright 2002,2003 Fourthought, Inc. (USA).
Detailed license and copyright information: http://4suite.org/COPYRIGHT
Project home, documentation, distributions: http://4suite.org/


class CookieSession(Session)
An implmentation of the Session object that uses HTTP cookies, as described in http://home.netscape.com/newsref/std/cookie_spec.html (Netscape cookies) and http://www.faqs.org/rfcs/rfc2109.html (standard cookies)


Overrides: __init__ from class Session
create(self, sid)
Does whatever initialization can be done once the session ID is known.
Overrides: create from class Session
getSessionId(self, args, headers, logger)
Attempts to get the session id from the Cookie Header.
Overrides: getSessionId from class Session
updateHeaders(self, repo, headers, logger)
Updates the response headers to reflect the current session info. repo - repository instance for getting expiration info for the current session headers - dictionary to be updated with cookie headers logger - destination for logged remarks
Overrides: updateHeaders from class Session

Methods inherited from class Session


COOKIE_HEADER = 'Set-Cookie'
SESSION_KEY = 'sessionId'
class Session
Representation of a stateful session for use with HTTP requests and responses, as described in RFC 2965.
Exposes attribute "id", which must be a unique id in string form.

Currently, the deprecated but widely-used Netscape cookie mechanism is
employed, plus as much of RFC 2109 as is practical, rather than the more
featureful, standardized Cookie2 mechanism advocated by RFC 2965. If
cookies are not able to be used, a framework is in place for using URL
rewriting; however the implementation is incomplete.

The userAgentVariables member is a dictionary of additional stuff
to be held in the session persistence mechanism *independently* of
the repository  session data.  Use very sparingly, and only for data
that is not affected by user taint

   http://home.netscape.com/newsref/std/cookie_spec.html  (Netscape cookies)
   http://www.faqs.org/rfcs/rfc2109.html  (standard cookies)
   http://www.faqs.org/rfcs/rfc2965.html  (Cookie2)
   http://www.faqs.org/rfcs/rfc2616.html  (HTTP/1.1)

TO-DO: Implement the equivalent of various useful methods found in the
javax.servlet.http.HttpSession portion of the Java Servlet API.


A session object is initially created without a session ID.
create(self, sid)
This method is called to allow a session to do whatever initialization can be done once its ID is known. (The ID is not known when the class is instantiated)
getSessionId(self, args, headers)
Get the session ID. Must be overridden
updateBody(self, repo, body)
This method is called to allow a session to update the response body before it is written out.
updateHeaders(self, repo, headers, logger)
This method is called to allow a session to update the persistence mechanism in the process of the HTTP response (cookie, URL re-write, etc.)


Create(sid, method, logger=None)
Creates and returns a new session with the given ID
Retrieve(args, headers, sessionType, logger=None)
Examines the given request headers for a reference to an existing session. (e.g., a Cookie header with a session-id value). If the 4SS repository contains data for the referenced session, a Session object with the appropriate ID and session data is returned. Otherwise, None is returned.


g_sessionFactory = {'Cookie': <class Ft.Server.Server.Http.Session.CookieSession>}