/ Zope / Apsis / Pound Mailing List / Archive / 2008 / 2008-04 / Sessions in pound

[ << ] [ >> ]

[ Re: [Pound Mailing List] regex optimizing? / Dave ... ] [ listener question / David L Kensiski ... ]

Sessions in pound
Piotr Jakubowski <Piotr.Jakubowski(at)bossa.pl>		 2008-04-16 09:41:28 [ FULL ] 
Hello,

I'm currently testing pound 2.4.1 with Java Servlet application running 
on Tomcat which requires to maintain session. My application uses cookie 
for session tracking and that's where problems occurs. Parameter TTL>0 
actually means in current version of pound an absolute time since the 
first request (or response) with specified cookie to keep tracking of 
session. I think that's not a good approach for most session dependent 
web application. In my opinion the better way to do this is to change 
the meaning of the TTL parameter to relative value. That means the 
sessions will be removed after the specified TTL seconds since the _last 
request_ are elapsed. The easiest way to do this is to change function 
t_find in svc.c to:

/*
  * Find a key
  * returns the content in the parameter
  * side-effect: update the time of last access
  */
static void *
t_find(LHASH *const tab, char *const key)
{
     TABNODE t, *res;

     t.key = key;
     if((res = (TABNODE *)lh_retrieve(tab, &t)) != NULL) {
         res->last_acc = time(NULL);
         return res->content;
     }
     return NULL;
}

As I could see in comment updating the time of last access was planned 
in this function but in 2.4.1 there is no updating.

It's not as optimal as it could be because this function is called twice 
with one request - once in get_backend() and once in upd_session() 
however it's acceptable. There is also possibility to improve this and 
add one more parameter to this function and updating res->last_acc only 
in get_backend() but I'm not sure if it's worth it.

There is one more problem in get_backend() function. I tried to use 
TTL=-1 which uses hash_backend() function to find backend to route 
request to but first it doesn't work in current version of pound (only 
first request is passed) and second it won't work with cookies. It's 
because cookies are set on the backend side and it is very likely that 
hash_backend() will change the backend after the cookie is set.

However, to make it work properly in other cases get_backend() functions 
needs change in all lines with:

return hash_backend(svc->backends, svc->abs_pri, key);

to

res = hash_backend(svc->backends, svc->abs_pri, key);

I think these two patches I proposed will improve pound in it's session 
handling. Please tell me what do you think.

Best regards
Piotr
MailBoxer