[Twisted-Python] usage of sessions in twisted.web?

Tommi Virtanen tv at twistedmatrix.com
Sat Dec 21 15:54:06 EST 2002

On Sat, Dec 21, 2002 at 07:11:11AM -0600, Glyph Lefkowitz wrote:
> I'm thinking of making some pretty substantial changes to the way that Twisted
> deals with Sessions, as part of re-writing twisted.web.guard to work with
> Woven.
> Internally there are very few places where it's called (mostly in
> twisted.web.guard, which is exactly what I'm looking to get rid of ...) and it
> is a very naive, error-prone implementation.
> I'm just wondering how many of you out there are using sessions currently, and
> in what capacity, to see what upgrade path, if any, I should provide.

	Ldaptor uses HTTP sessions for all everything else but
	read-only operations. A connection to the LDAP server is
	actually stored into the HTTP session data. One specific
	requirement is the ability to expire the HTTP session and
	ask for reauthentication when the LDAP server connection
	is lost.

	All in all, I suggest reading ldaptor sources, if you have
	time and can suppress the vomiting reflex -- there are parts
	that make me sick, too. But in general it's starting to shape
	up nicely.

	PS. Losing POST form input due to missing authentication
	sucks. If you can find a clean way around that, I would
	appreciate it.

:(){ :|:&};:

More information about the Twisted-Python mailing list