[mapserver-dev] Call for comments - RFC 42 HTTP Cookie Forwarding
Daniel Morissette
dmorissette at mapgears.com
Fri Mar 28 13:41:01 EDT 2008
Daniel Morissette wrote:
>
>> - Putting processing values in a metadata (http_cookie_data) may be
>> going to far. The other alternative would be to add a mapfile
>> configuration parameter called HTTPCOOKIE that would be used to store
>> the cookie data. I would like to hear from others on that specific point?
>>
>
> I am also worried that the use of the metadata 'http_cookie_data' to
> store state information is a poor use of metadata. We could possibly
> move that to an httpcookie member in the mapObj, but I would definitely
> not expose it to the mapfile. Since that's state information that does
> not belong in the mapfile... only the CGI and mapscript need access to it.
>
> Another idea could be to add an applicationStateObj in the mapObj that
> could be used to store application state information (like those
> cookies, and also resultCache, labelCache, etc.)... however that is
> behyond the scope of the current RFC.
>
Sorry if I'm talking to myself, I have thought about this some more and
I propose the following scenario to address the concern of misuse of
metadata (which I am also concerned with) without having to address the
wider issue of management of application state information in the mapObj
in this RFC:
Julien could add an "Implementation Issues" section to the RFC that
would say something along the following lines:
"""
It was pointed out during the RFC review period that passing and storing
the cookie data using an "http_cookie_data" metadata is a poor use of
MapServer's metadata mechanism.
Since MapServer currently lacks a mechanism to associate application
state information to a mapObj, there is currently no better mechanism in
place to store the cookie data received from the client and pass it to
the rendering code that calls the remote WMS. Due to lack of a better
solution, for the time being we will use the "http_cookie_data" metadata
as proposed in this RFC, with the knowledge that this is a poor use of
metadata and that we as soon as a better mechanism is in place to store
and pass application state in a mapObj then this metadata will be
deprecated and replaced by this new mechanism. Developers of MapScript
applications setting this "http_cookie_data" metadata should be aware of
this and be prepared to change their code in future revisions of MapServer.
"""
Without making any formal committment in the RFC, we should also start
thinking about a proper mechanism to store/manage application state
information in a mapObj, that would not only include storing this cookie
data member, but other existing mapObj members such as resultCacheObj
and labelCacheObj should probably be handled that way as well.
Since this thread is mostly a dialogue between myself and Julien, I
suggest that you (Julien) update it based on the notes from this thread
and open it for vote.
Daniel
--
Daniel Morissette
http://www.mapgears.com/
More information about the mapserver-dev
mailing list