Re: [Gnumed-devel] choice of web frameworks

[Sebastian Hilbert]

Am Montag 12 Juli 2010, 20:11:34 schrieb lkcl:
> > I am not sure I fully comprehend this. Could you please explain why a
> 
> global
> 
> > and a personal connection is needed ?
> 
>  ok.  the personal connection is to do personal private secure restricted
> per-user access, yes?  roles play a part, access is denied based on the
> role.
> 
>  so... um... when a browser connects - bearing in mind that you have
> ABSOLUTELY no prior knowledge of whether they have or have not connected
> before, if ever (because HTTP is "stateless") - under what user credentials
> are you going to connect to the database as, in order to ascertain from the
> cookie whether there is a session outstanding, when the session information
> is stored.... in the database!

> 
>  for that purpose, you can't use any of the other personal private secure
> restricted per-user connections, can you?
> 
>  but, until you've determined what the user is (from the session cookie),
> you can't safely decide which one of those per-user connections to actually
> use to serve the data!
> 
>  catch-22.

I trust you on that one. 

My thoughts were like this. Couldn't one connect to the database with the 
credentials supplied (kind of global=personal)? If the connection is 
successful check for the cookie.

I hope the above is not total nonsense. 

Did you review the info about the Albatross framework ? Is it of any help ?


Sebastian