ad_assign_session_id

one of the documented procedures in this installation of the ACS
Usage:
ad_assign_session_id   db
What it does:
Sets up the session, setting the global variables and issuing a cookie if necessary.
Defined in: /web/philip/packages/acs-core/security-procs.tcl

Source code:


    
    global ad_conn
    
    # Generate all the information we need to create the session.
    # Fails under read-only -jsc
    set ad_conn(session_id) [database_to_tcl_string $db "select sec_id_seq.nextval from dual"]
    set ad_conn(token) [sec_random_token]
    sec_log "Generating new session_id $ad_conn(session_id)."

    if { [ad_secure_conn_p] } {
	# Secure session - generate the secure token.
	set secure_token [sec_random_token]
	sec_generate_secure_token_cookie $secure_token
    } else {
	set secure_token ""
    }

    set ad_conn(user_id) 0
    if { [regexp {^([0-9]+),(.+)$} [ns_urldecode [ad_get_cookie "ad_user_login"]]  "" user_id login_token] } {
	if { [database_to_tcl_string $db "
	    select count(*)
            from   users u, sec_login_tokens t
            where  t.user_id = $user_id
            and    u.user_id = $user_id
            and    t.password = u.password
            and    t.login_token = '[DoubleApos $login_token]'
        "] } {
	    set ad_conn(user_id) $user_id
	}
    }

    if { $ad_conn(user_id) == 0 } {
	set insert_id "null"
    } else {
	set insert_id $ad_conn(user_id)
    }

    # Fails under read-only -jsc
    ns_db dml $db "
    insert into sec_sessions(session_id, user_id, token, secure_token, browser_id,
    last_ip, last_hit)
    values($ad_conn(session_id), $insert_id, '$ad_conn(token)', '$secure_token', $ad_conn(browser_id),
    '[peeraddr]', [ns_time])
    "

    if { [ad_secure_conn_p] } {
	set ad_conn(sec_validated) "secure"
    } else {
	set ad_conn(sec_validated) "insecure"
    }

    sec_generate_session_id_cookie

    # **** commented out by philg on Feb 24, 2003 because it was generating errors
    # and nobody seems to be using it ****
    # Update last_visit and second_to_last_visit
    # ns_db dml $db "begin sec_rotate_last_visit($ad_conn(browser_id), [ns_time]); end;"


philg@mit.edu