Differences

This shows you the differences between two versions of the page.

Link to this comparison view

ideas:sessions [2010/03/09 20:18] (current)
Mark created
Line 1: Line 1:
 +====== Session Management ======
 +
 +The session management system currently in use by glFusion is very simple and does not provide any features beyond tracking if the user is logged in or not.
 +The goal of this project will be to develop an enhanced session management system that will be shared by the core glFusion code and all plugins.
 +
 +===== Requirements =====
 +
 +
 +  * Information or state must be stored.  For example, any user submitted data must be maintained across multiple HTTP requests.
 +  * Each HTTP request must carry an identifier that allows the server to process the request in the context of the stored state. 
 +  * Sessions need to have a timeout . Otherwise, if a user leaves the web site, there is no way the server can tell when the session should end.
 +  * Sessions need to be able to track multiple levels of authentication.  For example, when performing an admin function, a new session should be created and validated (password required) before the admin function is allowed.
 +  * Sessions must be scalable.  The solution must be reasonably scalable and work in a shared hosting environment.  glFusion’s goal is to run with under the restrictions imposed by most commercial hosting services.
 +  * Sessions must be secure.  Reasonable steps must be taken to ensure session ids cannot be stolen or reused.
 +
 +===== Skills Needed =====
 +
 +
 +A strong understanding of PHP and SQL databases will be required.    Understanding the current authentication and session management system in glFusion is also required.  
 +
 +===== Difficulty =====
 +
 +
 +Moderate
 +
 +Session management in PHP is not anything new.  The challenge will be implementing the necessary hooks to allow plugins to utilize the session infrastructure.
 +
 +===== Licensing =====
 +
 +
 +All code must be created using the GNU General Public License
  
ideas/sessions.txt · Last modified: 2010/03/09 20:18 by Mark
 
Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3