writing a module to check validity of user sessions
Mauro Stettler
mauro.stettler at gmail.com
Sun Jan 24 18:43:48 MSK 2010
hi
i am currently writing a module which should send the session_id
cookie to an upstream, receive the upstreams answer, and based on the
answer decide if it should deliver a page for authenticated users or a
page for nonauthenticated ones. i do actually have a working version
now, but i think the way how i solved it is not very optimal yet
because i am kind of abusing the status_n integer of
upstream->headers_in of the upstream for something that it isn't made
for.
my current solution connects to the upstream, sends the session_id
cookie and then reads the first byte from the upstreams answers. if
the first byte is 0, it sets the upstreams http status code to 404, if
the first byte is a one it sets the status code to 403. then i just
use the 'error_page' directive to do an internal redirect to either
the authenticated location or the not authenticated location.
this works, but i think its not very nice...
i am looking for a way how i can do an internal redirect in my module
after i finished reading the reply from the upstream. i cannot do it
in the handler function because it returns before i got the answer
from the upstream. i tried using the internal_redirect function in the
callbacks which i can set on the upstream, but that doesn't seem to
work for several reasons like segfaults everywhere.
i would be really glad about a tip how to do internal redirects after
reading an upstreams answer.
i attached my module, the module configuration and the nginx
configuration which is currently working the way i want with nginx
0.7.64.
additionally i attached tcpserver.py, which is just a simple test
authentication server, it only returns a hardcoded 0 or 1 and i used
it for testing the module.
i hope i expressed more or less clearly what i am trying to achieve.
i would be really glad about any idea,
mauro
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ngx_http_check_session.c
Type: application/octet-stream
Size: 10908 bytes
Desc: not available
URL: <http://nginx.org/pipermail/nginx/attachments/20100124/dfd2bef6/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: config
Type: application/octet-stream
Size: 169 bytes
Desc: not available
URL: <http://nginx.org/pipermail/nginx/attachments/20100124/dfd2bef6/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tcpserver.py
Type: application/octet-stream
Size: 469 bytes
Desc: not available
URL: <http://nginx.org/pipermail/nginx/attachments/20100124/dfd2bef6/attachment-0002.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginx.conf
Type: application/octet-stream
Size: 1095 bytes
Desc: not available
URL: <http://nginx.org/pipermail/nginx/attachments/20100124/dfd2bef6/attachment-0003.obj>
More information about the nginx
mailing list