CSC/ECE 517 Fall 2012/ch1b 1w67 ks: Difference between revisions

From Expertiza_Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 12: Line 12:
= Session in Ruby =
= Session in Ruby =
In Ruby session persists forever and is stored in the browser cookies by default. The session data can thus be deleted by clearing content of the cookies. Session is useful when we have to remember the state for  a long time. Examples include Authentication where the user enters its login id and password that needs to be available for the whole session that the user is logged in. There are some alternative storage modes for session such as Storage table or No SQL data structure.
In Ruby session persists forever and is stored in the browser cookies by default. The session data can thus be deleted by clearing content of the cookies. Session is useful when we have to remember the state for  a long time. Examples include Authentication where the user enters its login id and password that needs to be available for the whole session that the user is logged in. There are some alternative storage modes for session such as Storage table or No SQL data structure.
<p>Development of the concept your article describes can be created in sections and subsections.</p>
 




Line 19: Line 19:


== Session  ==
== Session  ==
Session stores small amount of data that persists between requests. The session is only available in the controller and the view and can use one of a number of different storage mechanisms such as cookies, tables, cache, memcache etc
Session stores small amount of data that persists between requests. The session is only available in the controller and the view and can use one of a number of different storage mechanisms such as cookies, tables, cache, memcache etc.
The session stores session id in cookies as it is insecure when embedded in the url.This unique id is used to look up the session data on its storage locations such as cookies, database tables, no sql data structure, cache etc.The data storage in cookies by default makes the session lightweight and easy to access and it does not requires calls to the storage locations for accessing the session data. The cookies can store atmost 4 kb data and hence gives cookie overflow exception if the data in the session exceeds the 4 kb limit.The cookie data is not encrypted but it cannot be edited by being visible in the url.
The session stores session id in cookies as it is insecure when embedded in the url.This unique id is used to look up the session data on its storage locations such as cookies, database tables, no sql data structure, cache etc.The data storage in cookies by default makes the session lightweight and easy to access and it does not requires calls to the storage locations for accessing the session data. The cookies can store atmost 4 kb data and hence gives cookie overflow exception if the data in the session exceeds the 4 kb limit.The cookie data is not encrypted but it cannot be edited by being visible in the url.


If your user sessions don’t store critical data or don’t need to be around for long periods (for instance if you just use the flash for messaging), you can consider using ActionDispatch::Session::CacheStore. This will store sessions using the cache implementation you have configured for your application. The advantage of this is that you can use your existing cache infrastructure for storing sessions without requiring any additional setup or administration. The downside, of course, is that the sessions will be ephemeral and could disappear at any time.</p>


== Flash ==
== Flash ==
Line 37: Line 36:




= Difference between Session and Flash =
 
<p>Like an outline, you shouldn't have a single section or subsection.  Your subsections can go many levels deep!</p>


= Advantages/Disadvantages =
= Advantages/Disadvantages =
<p>Like an outline, you shouldn't have a single section or subsection.  Your subsections can go many levels deep!</p>
<p>Like an outline, you shouldn't have a single section or subsection.  Your subsections can go many levels deep!</p>


== Session, Advantages ==
== Session ==
<p>This is a subsection of section 1. Obviously, you name each of your sections and subsections as appropriate for your article.</p>
 
Session Advantages:
-A session object helps us store useful information about the application like the session_id, currently logged in user details
-It is similar to hash and helps us take advantages of the hash functionalities in Ruby
-Since, it persists forver, the session variables can be used to perfrom authentication,server side validation and take care of the security aspects of the appliction
 
Disadvantages:
-The session object is a heavy weight object as it is used to store a lot of application related information.
-we have to be careful while dealing with session variables as it is subject to malicious attacks and sensitive information can be divulged if not taken care of while programming
-As the session variables persists forever, it is the programmers responsibility to reset the information of the application when the application goes out of the current scope logically.
-Too many session variable manipulation and storage can make the code inefficient and can cause unexpected behaviour if not programmed carefully
 


== Session, Disadvantages ==
== Flash ==
<p>Like an outline, you shouldn't have a single section or subsection.  Your subsections can go many levels deep!</p>


== Flash, Advantages ==
Flash Advantages:
<p>This is a subsection of section 1. Obviously, you name each of your sections and subsections as appropriate for your article.</p>
-A light weight object that helps us store the information of the state the application is in.
-Since flash is similar to hash, it helps us abuse the advantages of hash. Although, the most commonly used keys are :notice and :warning, any key can be passed into -the flash object and the user is responsible for extracting the inforation from the corresponding object*
-It is less tedious to manage as its lifetime persists only until the next request.


== Flash, Disadvantages ==
Disadvantages:
<p>Like an outline, you shouldn't have a single section or subsection. Your subsections can go many levels deep!</p>
-As the information stored in the flash object persists only until the next request, it is not useful for providing security related capabilities to the application.
-It has limited capabilities and used for displaying sinple error messages, notices or warnings in the application.
-It cannot store dynamic information




= Conclusion/Summary =
= Conclusion/Summary =
<p>Articles generally end with a conclusion or summary section.</p>
Conclusion:
HTTP is a stateless protocol and the web applications require saving of the applicaion state frequently. Based on the application state, certain actions are taken. This is possible in RUBY using redirection flash object. The redirection flash object persists for a short duration and helps us store simple information about the application. Another flash like object that provices us very rich capabilities in terms of information storge, authentication and security is the session object. We have seen the differences between the two. It is the programmers responsibility to approriately use the flash or the session abject depending on what needs to be achieved.


= Definitions =
= Definitions =
Line 63: Line 76:


= References =
= References =
<p>Your references go here.  You should allow the WIKI to create your references list automatically by using inline citations.</p>
<references />
<references />
http://www.youtube.com/watch?v=0m8lmRwS7E0
http://www.youtube.com/watch?v=0m8lmRwS7E0
http://www.youtube.com/watch?v=0m8lmRwS7E0
http://ruby.railstutorial.org/chapters/sign-in-sign-out#sec:sessions_controller
http://www.tutorialspoint.com/ruby-on-rails/rails-session-cookies.htm
http://guides.rubyonrails.org/action_controller_overview.html#the-flash
http://guides.rubyonrails.org/security.html#sessions

Revision as of 23:28, 3 October 2012

A brief introduction to your article. The table of contents, which is generated automatically, will show up just below this introduction.

Overview/Introduction

Redirection in ruby refers to the where a user is redirected from one page to another.As the http requests are stateless, hence this leads to losing all the state that we had before. Thus Rails provides a hash called Flash such that it persists until the end of the next request received. Also there is a session hash, which unlike flash persists forever. <ref>http://www.youtube.com/watch?v=0m8lmRwS7E0</ref>.

For information on how to format the text of your article, create tables, and use section headings and references, see this article.

Flash in Ruby

Flash in ruby helps to remember the state until the end of the next request. It is basically used to store error messages as warnings and information as notice in the hash. This is used in views to print the error messages or notice. Instead of notice or warnings, we can define user defined hash and print its value in the view as we did for the notice and warnings. Basically it helps in flashing messages on the views.

Session in Ruby

In Ruby session persists forever and is stored in the browser cookies by default. The session data can thus be deleted by clearing content of the cookies. Session is useful when we have to remember the state for a long time. Examples include Authentication where the user enters its login id and password that needs to be available for the whole session that the user is logged in. There are some alternative storage modes for session such as Storage table or No SQL data structure.


Various uses of Session/Flash

Create as many sections and subsections as necessary to support your article.

Session

Session stores small amount of data that persists between requests. The session is only available in the controller and the view and can use one of a number of different storage mechanisms such as cookies, tables, cache, memcache etc. The session stores session id in cookies as it is insecure when embedded in the url.This unique id is used to look up the session data on its storage locations such as cookies, database tables, no sql data structure, cache etc.The data storage in cookies by default makes the session lightweight and easy to access and it does not requires calls to the storage locations for accessing the session data. The cookies can store atmost 4 kb data and hence gives cookie overflow exception if the data in the session exceeds the 4 kb limit.The cookie data is not encrypted but it cannot be edited by being visible in the url.


Flash

Like an outline, you shouldn't have a single section or subsection. Your subsections can go many levels deep!

Examples

Like an outline, you shouldn't have a single section or subsection. Your subsections can go many levels deep!

Session

This is a subsection of section 1. Obviously, you name each of your sections and subsections as appropriate for your article.

Flash

Like an outline, you shouldn't have a single section or subsection. Your subsections can go many levels deep!



Advantages/Disadvantages

Like an outline, you shouldn't have a single section or subsection. Your subsections can go many levels deep!

Session

Session Advantages: -A session object helps us store useful information about the application like the session_id, currently logged in user details -It is similar to hash and helps us take advantages of the hash functionalities in Ruby -Since, it persists forver, the session variables can be used to perfrom authentication,server side validation and take care of the security aspects of the appliction

Disadvantages: -The session object is a heavy weight object as it is used to store a lot of application related information. -we have to be careful while dealing with session variables as it is subject to malicious attacks and sensitive information can be divulged if not taken care of while programming -As the session variables persists forever, it is the programmers responsibility to reset the information of the application when the application goes out of the current scope logically. -Too many session variable manipulation and storage can make the code inefficient and can cause unexpected behaviour if not programmed carefully


Flash

Flash Advantages: -A light weight object that helps us store the information of the state the application is in. -Since flash is similar to hash, it helps us abuse the advantages of hash. Although, the most commonly used keys are :notice and :warning, any key can be passed into -the flash object and the user is responsible for extracting the inforation from the corresponding object* -It is less tedious to manage as its lifetime persists only until the next request.

Disadvantages: -As the information stored in the flash object persists only until the next request, it is not useful for providing security related capabilities to the application. -It has limited capabilities and used for displaying sinple error messages, notices or warnings in the application. -It cannot store dynamic information


Conclusion/Summary

Conclusion: HTTP is a stateless protocol and the web applications require saving of the applicaion state frequently. Based on the application state, certain actions are taken. This is possible in RUBY using redirection flash object. The redirection flash object persists for a short duration and helps us store simple information about the application. Another flash like object that provices us very rich capabilities in terms of information storge, authentication and security is the session object. We have seen the differences between the two. It is the programmers responsibility to approriately use the flash or the session abject depending on what needs to be achieved.

Definitions

For any definitions where you don't have inline hypertext links to the definition you can place the definition of those terms here.

References

<references /> http://www.youtube.com/watch?v=0m8lmRwS7E0 http://www.youtube.com/watch?v=0m8lmRwS7E0 http://ruby.railstutorial.org/chapters/sign-in-sign-out#sec:sessions_controller http://www.tutorialspoint.com/ruby-on-rails/rails-session-cookies.htm http://guides.rubyonrails.org/action_controller_overview.html#the-flash http://guides.rubyonrails.org/security.html#sessions