[CDBI] session handling in cdbi

William Ross will at spanner.org
Tue Oct 4 17:50:38 BST 2005


On 4 Oct 2005, at 09:51, Patrik Wallstrom wrote:

> Hi!
>
> I am trying to figure out a smart way of handling permissions in
> Class::DBI. The idea is having a kind of session object and pass that
> around.

You don't say what you're working on, but session-based access  
control suggests that it's a web application, or some other stateless  
system that needs a bit of continuity. If that's right, then you  
should find the standard methods work quite well. I use  
Apache::Authcookie and some fairly simple user and group classes to  
restrict access to objects and functions, but other methods should  
work equally well. They will usually make your current-user  
information more or less environmental and save you having to pass  
around session information.

If you're encountering problems, it's more likely that they're  
architectural. Class::DBI is very clean when there is one user  
accessing one datasource through one instance of a script, but in a  
persistent environment it quickly gets tangled up. We would need to  
know more about your application to make any suggestions there.

If this isn't an online application, or some other request-based  
service, then I wonder whether session-based access control is the  
right answer? You should be able to rely on existing context rather  
than passing a person around.

best,

will





More information about the ClassDBI mailing list