Use cookie-based sessions when Django 1.4 is available
Django 1.4 includes signed cookie-based sessions. This is the most reasonable default session backend for the purposes of Horizon (specific production deployment needs will vary). See https:/
Blueprint information
- Status:
- Complete
- Approver:
- Devin Carlen
- Priority:
- Medium
- Drafter:
- Gabriel Hurley
- Direction:
- Approved
- Assignee:
- Gabriel Hurley
- Definition:
- Approved
- Series goal:
- Accepted for essex
- Implementation:
-
Implemented
- Milestone target:
-
2012.1
- Started by
- Gabriel Hurley
- Completed by
- Tres Henry
Related branches
Related bugs
Sprints
Whiteboard
Considerations:
* Django 1.4 FINAL isn't going to be released until fairly close to the Essex release deadline.
* Django 1.4 likely will not be the version shipped by Ubuntu 12.04.
* Using cookie-based sessions is a trivial two-line change in the settings file, and is a deployment-related issue as-is.
* Making cookie-based sessions the default pegs us to 1.4 as the minimum version, whereas not making it the default allows us to keep 1.3.1 as the minimum version for Essex while still being compatible with 1.4 when it's released.
As such, and after discussion with Anthony Young and Tres Henry, I'm recommending this blueprint be changed to a documentation issue: simply that we add a section to the docs on deployment issues, starting with information on the session backends, how to configure them, and some basic pros and cons.
[devcamcar] Make it so!
Gerrit topic: https:/
Addressed by: https:/
Added beginnings of a deployment guide w/ info on sessions.
Work Items
Dependency tree
* Blueprints in grey have been implemented.
