Welcome! Log In Create A New Profile

Advanced

writing a module to check validity of user sessions

All files from this thread

File Name File Size   Posted by Date  
ngx_http_check_session.c 10.7 KB open | download replay 01/24/2010 Read message
config 170 bytes open | download replay 01/24/2010 Read message
tcpserver.py 470 bytes open | download replay 01/24/2010 Read message
nginx.conf 1.1 KB open | download replay 01/24/2010 Read message
ngx_http_check_session.c 10.8 KB open | download replay 01/27/2010 Read message
nginx.conf 799 bytes open | download replay 01/27/2010 Read message
January 24, 2010 10:52AM
hi

i am currently writing a module which should send the session_id
cookie to an upstream, receive the upstreams answer, and based on the
answer decide if it should deliver a page for authenticated users or a
page for nonauthenticated ones. i do actually have a working version
now, but i think the way how i solved it is not very optimal yet
because i am kind of abusing the status_n integer of
upstream->headers_in of the upstream for something that it isn't made
for.
my current solution connects to the upstream, sends the session_id
cookie and then reads the first byte from the upstreams answers. if
the first byte is 0, it sets the upstreams http status code to 404, if
the first byte is a one it sets the status code to 403. then i just
use the 'error_page' directive to do an internal redirect to either
the authenticated location or the not authenticated location.

this works, but i think its not very nice...

i am looking for a way how i can do an internal redirect in my module
after i finished reading the reply from the upstream. i cannot do it
in the handler function because it returns before i got the answer
from the upstream. i tried using the internal_redirect function in the
callbacks which i can set on the upstream, but that doesn't seem to
work for several reasons like segfaults everywhere.

i would be really glad about a tip how to do internal redirects after
reading an upstreams answer.

i attached my module, the module configuration and the nginx
configuration which is currently working the way i want with nginx
0.7.64.

additionally i attached tcpserver.py, which is just a simple test
authentication server, it only returns a hardcoded 0 or 1 and i used
it for testing the module.

i hope i expressed more or less clearly what i am trying to achieve.

i would be really glad about any idea,

mauro
_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx
Attachments:
open | download - ngx_http_check_session.c (10.7 KB)
open | download - config (170 bytes)
open | download - tcpserver.py (470 bytes)
open | download - nginx.conf (1.1 KB)
Subject Author Posted

writing a module to check validity of user sessions Attachments

replay January 24, 2010 10:52AM

Re: writing a module to check validity of user sessions

Piotr Sikora January 24, 2010 10:52AM

Re: writing a module to check validity of user sessions

replay January 24, 2010 11:06AM

Re: writing a module to check validity of user sessions Attachments

replay January 27, 2010 05:26AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 67
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready