Is it possible to use Session without cookie-ip base?

[ermesoml]

Hi everyonce,

I have an applications constructed above IdCustomHTTPServer that controls the access with sessions.
But some internet operatitors, mainly mobile (in Brazil), uses at the same request of page many IP's, that ocasion the issue of lose sessions while using the system.

When i search the create session methods of IdCustomHTTPServer i found this:

Code:

function TIdHTTPDefaultSessionList.CreateUniqueSession(
 const RemoteIP: String): TIdHTTPSession;
var
 SessionID: String;
begin
 SessionID := GetRandomString(15);
 while GetSession(SessionID, RemoteIP) <> nil do
 begin
   SessionID := GetRandomString(15);
 end;    // while
 Result := CreateSession(RemoteIP, SessionID);
end;

Its possible to modify in some part of component to the RemoteIP came void or to the component IdCustomHTTPServer dont use the ip based session?
Thanks so much!

[rlebeau]

When i search the create session methods of IdCustomHTTPServer i found this:

Code:

function TIdHTTPDefaultSessionList.CreateUniqueSession(
 const RemoteIP: String): TIdHTTPSession;

Its possible to modify in some part of component to the RemoteIP came void or to the component IdCustomHTTPServer dont use the ip based session?

The TIdHTTPDefaultSessionList.CreateUniqueSession() method gets called only when:

1. The TIdHTTPServer.SessionList property is not assigned a custom list class.

2. you do not return a TIdHTTPSession object from the TIdHTTPServer.OnCreateSession event.

3. the TIdHTTPServer.AutoStartSession property is true (it is false by default), or your OnCommand... handlers call the TIdHTTPServer.CreateSession() method directly.

You can create new sessions however you want if you use the OnCreateSession event. Or track sessions however you want if you derive a custom class from TIdHTTPCustomSessionList and then assign it to the TIdHTTPServer.SessionList property.