Reset_sessions how to?


#1

Hi,

I am maintaining sessions for storing user informations.
When i logout i clear the session using reset_session.

Will the session be available if i kill the rails server?

If yes, Why does this happen and how can i overcome this by

resetting the session?

Please give me some suggestions, since i am stuck with this for a

long time

Regards,
Vimal Das


#2

vimal wrote:

Hi,

I am maintaining sessions for storing user informations.
When i logout i clear the session using reset_session.

Will the session be available if i kill the rails server?

Try it and let us know.


#3

Hi,

Thanks for pointing it out. I’m sorry, sometimes i ask some stupid
questions. since my english is weak . Forgive me :slight_smile:

My answer is yes, the session prevails though i kill the server.
How can i overcome this by clearing the session information each
time the rails server is killed.

Thanks and Regards,
Vimal Das


#4

On Apr 27, 5:58 am, vimal removed_email_address@domain.invalid wrote:

Hi,

I am maintaining sessions for storing user informations.
When i logout i clear the session using reset_session.

Will the session be available if i kill the rails server?

If yes, Why does this happen and how can i overcome this by

resetting the session?

Well reset_session should kill the session no matter what happens
afterwards.

Other than that, the session store persists across restarts. It pretty
much depends on what your session store is. If it is one of the server
side ones ( activerecord_store, MemcacheStore etc…) then you can
clear it out. If it is the cookie store (the default) then the session
is stored on the user’s computer, so you can’t delete it. You can
invalidate it by changing your session’s secret (make sure you deal
with the exception that gets raised in those cases if you don’t want
to confuse your users). Pretty much a manual process which ever store
you use.

Fred


#5

vimal wrote:

Hi,

Thanks for pointing it out. I’m sorry, sometimes i ask some stupid
questions. since my english is weak . Forgive me :slight_smile:

My answer is yes, the session prevails though i kill the server.
How can i overcome this by clearing the session information each
time the rails server is killed.

Thanks and Regards,
Vimal Das

Have you tried:

rake db:sessions:clear


#6

On Apr 27, 9:16 am, vimal removed_email_address@domain.invalid wrote:

I am not using active_record for storing session information.
it is the cookie store session as Fred has suggested.

Would i be able to trap the Ctrl-c interrupt and then call
reset_session?

reset_session only clears out the session associated with the current
request. Unless you are in the middle of processing a request it is
meaningless.

Fred


#7

Have you tried:

rake db:sessions:clear

it says -> uninitialized constant ActiveRecord

I am not using active_record for storing session information.
it is the cookie store session as Fred has suggested.

Would i be able to trap the Ctrl-c interrupt and then call
reset_session?
But i dont know the proper way to do it


#8

I have tried it before and got the same as you said.

You can
invalidate it by changing your session’s secret (make sure you deal
with the exception that gets raised in those cases if you don’t want
to confuse your users). Pretty much a manual process which ever store
you use.

Anyway the above suggested solution is only possible if Ctrl-c
interrupt is trapped
and then routed to the proceedure

Regards,
Vimal Das


#9

Possibly you could do it by changing the secret on starting the server
up
rather than when killing it off.
Colin

2009/4/27 vimal removed_email_address@domain.invalid