Back to index

python-weblib  1.3.9
Classes | Variables
pyweblib.session Namespace Reference

Classes

class  SessionException
 Exception classes. More...
class  CorruptData
class  GenerateIDError
class  SessionExpired
class  SessionHijacked
class  MaxSessionCountExceeded
class  BadSessionId
class  InvalidSessionId
class  ThreadingLock
class  CleanUpThread
class  WebSession

Variables

string __version__ = '0.3.5'
string SESSION_ID_CHARS = '-._'
tuple SESSION_CROSSCHECKVARS

Detailed Description

pyweblib.session - server-side web session handling
(C) 2001 by Michael Stroeder <michael@stroeder.com>

This module implements server side session handling stored in
arbitrary string-keyed dictionary objects

This module is distributed under the terms of the
GPL (GNU GENERAL PUBLIC LICENSE) Version 2
(see http://www.gnu.org/copyleft/gpl.html)

$Id: session.py,v 1.28 2010/10/27 08:27:10 michael Exp $

Variable Documentation

string pyweblib.session.__version__ = '0.3.5'

Definition at line 15 of file session.py.

Initial value:
00001 (
00002   """  List of environment variables assumed to be constant throughout  web sessions with the same ID if existent.  These env vars are cross-checked each time when restoring an  web session to reduce the risk of session-hijacking.  Note: REMOTE_ADDR and REMOTE_HOST might not be constant if the client  access comes through a network of web proxy siblings.  """
00003   # REMOTE_ADDR and REMOTE_HOST might not be constant if the client
00004   # access comes through a network of web proxy siblings.
00005   'REMOTE_ADDR','REMOTE_HOST',
00006   'REMOTE_IDENT','REMOTE_USER',
00007   # If the proxy sets them but can be easily spoofed
00008   'FORWARDED_FOR','HTTP_X_FORWARDED_FOR',
00009   # These two are not really secure
00010   'HTTP_USER_AGENT','HTTP_ACCEPT_CHARSET',
00011   # SSL session ID if running on SSL server capable
00012   # of reusing SSL sessions
00013   'SSL_SESSION_ID',
00014   # env vars of client certs used for SSL strong authentication
00015   'SSL_CLIENT_V_START','SSL_CLIENT_V_END',
00016   'SSL_CLIENT_I_DN','SSL_CLIENT_IDN',
00017   'SSL_CLIENT_S_DN','SSL_CLIENT_SDN',
00018   'SSL_CLIENT_M_SERIAL','SSL_CLIENT_CERT_SERIAL',
00019 )

Definition at line 21 of file session.py.

Definition at line 19 of file session.py.