[Zope-Annce] Core Session Tracking 0.9 Released
Fri, 05 Oct 2001 02:31:07 -0400
A new version of the Core Session Tracking product (the first one in six
months!) has been released. Core Session Tracking is a Product which
allows you to easily associate transient data with anonymous users.
The product is available from
upgrade from prior releases, just remove the "old" CoreSessionTracking
product directory and install this one as per the install instructions
in the help/CoreSessionTracking.stx document.
A list of changes since the last version is:
- Took advantage of securityinfo module and new BTrees modules. As
a result, CST 0.9 is incompatible with releases of Zope prior to
- Objects are now acquisition-unwrapped before being placed into
session storage (thanks to Matt Hamilton)
- A SessionData object's __setitem__ may now be called from a
Python Script, it failed previously with a security error.
- Fixed bug in SessionDataManager security assertions which
made it impossible to change security parameters (thanks to
Uwe C. Schroeder).
- Fixed constructor number of parameter bugs (thanks to Chris
- Fixed bugs that made isTokenFromForm, isTokenFromCookie, and
isTokenNew methods virtually useless (thanks to Frank Tegtmeyer).
- added flushTokenCookie method, which deletes the token cookie from
the client browser with prejudice. This method is useful when
you want to start out completely fresh with a different token.
- Fixed bug which caused a "TypeError: loop over non-sequence" at
startup under Zope 2.4.X in the Interfaces module which caused
the product to not be initialized properly. (Thanks to Chris
Withers and Joachim Werner).
- Added multithread test cases to testSessionDataManager.
- SessionFanout _getleaf method made more efficient by making
allowed_hashes a dictionary (thanks to Anthony Baxter).
- Added 'getName' alias to SessionData's 'getId' method for
compatibility with code written for SQLSession (thanks to
- SessionDataContainer keys are now required to be strings
(thanks to Anthony Baxter).
- Added a new method to SessionDataManagers, "getSessionDataByKey",
which provides a way to obtain an arbitrary session data object
by feeding it a key (as opposed to getSessionData, which always
obtained the session data object related to the current token).
A user needs to possess a special permission to be able to do this.
- Added conflict resolution to (RAM-based, internal) SessionStorage.
- Made internal data container use "LowConflictConnection" class for
its ZODB connections. This class operates differently than the
standard Connection class because it doesn't raise "read" conflict
- Removed "AutoExpireMapping" class and merged its functionality into
- Removed "SessionFanout" module (unecessary because we're not trying
to support pre-2.3.2 Zopes).
- Refactored tests slightly.
- Added SessioningPermissions and common modules.
Chris McDonough Zope Corporation
"Killing hundreds of birds with thousands of stones"