Implementing Session Support
COEN 351
State Maintenance

Client Side Mechanisms
  Cookies
    Client needs to allow cookies
    Cookie handling done by browser
  Hidden Fields in Forms
    Each page has to be rebuilt to contain the correct form
  Fat URL
    Each page has to be rebuilt with the correct links

Server Side Mechanisms
  Files
  Database
  Webserver
    Long-running process that can crash
  Still needs a client side mechanism to carry the session reference

Security Implication: CLIENT CAN CHANGE ALL INFORMATION
Server Side Support

Apache::Session
  Perl module; failed its tests on Windows
CGI::Session
Homemade Session Support
  Used here to investigate security issues
Using a session database

mysql> create database session;
mysql> use session;
mysql> create table sessionid (
    -> id MEDIUMINT NOT NULL AUTO_INCREMENT,
    -> name CHAR(30) NOT NULL,
    -> PRIMARY KEY (id)
    -> );
Using a session database

mysql> show tables;
+-------------------+
| Tables_in_session |
+-------------------+
| sessionid         |
+-------------------+
1 row in set (0.00 sec)

mysql> INSERT INTO sessionid (name) VALUES ('thomas');
Query OK, 1 row affected (0.10 sec)

mysql> INSERT INTO sessionid (name) VALUES ('bob'),('jim');
Query OK, 2 rows affected (0.04 sec)
Records: 2  Duplicates: 0  Warnings: 0

mysql> SELECT * FROM sessionid ORDER BY id;
+----+--------+
| id | name   |
+----+--------+
|  1 | thomas |
|  2 | bob    |
|  3 | jim    |
+----+--------+
3 rows in set (0.00 sec)
Creating a Password Database

mysql> create table user (
    -> name VARCHAR(8),
    -> password VARCHAR(8),
    -> primary key (name)
    -> );
Query OK, 0 rows affected (0.16 sec)

mysql> INSERT INTO user
    -> VALUES ('JoeDoe','12345'), ('JaneDoe','12345')
    -> ;
Query OK, 2 rows affected (0.09 sec)
Records: 2  Duplicates: 0  Warnings: 0
Sample Application

Login Page
  Typically a form that is self-referring
  When user info is submitted, the page acts differently
Acceptance page that creates a session
  Stores the session id in a cookie
Login Page

#!/perl/bin/perl.exe
use strict;
use CGI qw/:standard/;
use MIME::Base64::URLSafe;   # I had problems with this module under build 819

my $q = new CGI;

# Self-referring login form; the submitted values go to session1.cgi via GET
print $q->header(-type => "text/html");
print $q->start_html("Santa Claus University Login Page");
print $q->h1("Welcome to Santa Claus University");
print $q->start_form( -action => "session1.cgi", -method => 'GET'),
      $q->p("Please enter your account"),
      $q->textfield (-name => "name"),
      $q->p("Please enter your password"),
      $q->textfield (-name => "pwd"),
      $q->p(" "),
      $q->submit (-name => 'choice', -value => "Submit" ),
      $q->end_form();
print $q->end_html;

More normal: -action => url()
Login Page

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US">
<head>
<title>Santa Claus University Login Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>
<body>
<h1>Welcome to Santa Claus University</h1>
<form method="get" action="session1.cgi" enctype="multipart/form-data">
<p>Please enter your account</p>
<input type="text" name="name" value="thomas" />
<p>Please enter your password</p>
<input type="text" name="pwd" value="hallo" />
<p> </p>
<input type="submit" name="choice" value="Submit" />
</form>
</body>
</html>

Notice that there is currently no protection for the data to be transmitted.
Creating a Session

Use MySQL database with autoincrement feature:

mysql> describe sessionid;
+-------+--------------+------+-----+---------+----------------+
| Field | Type         | Null | Key | Default | Extra          |
+-------+--------------+------+-----+---------+----------------+
| id    | mediumint(9) | NO   | PRI | NULL    | auto_increment |
| name  | char(30)     | NO   |     |         |                |
+-------+--------------+------+-----+---------+----------------+
2 rows in set (0.15 sec)
Creating a Session

#!/perl/bin/perl.exe
use strict;
use DBI;
use CGI qw/:standard :html3/;
use CGI::Carp qw/ fatalsToBrowser/;   # for debugging only
use MIME::Base64::URLSafe;            # I had problems with this module under build 819

my $q = new CGI;

# Get information from GET data:
my $username = param('name');
my $pwd = param('pwd');
Creating a Session

my $dbh = DBI->connect ("DBI:mysql:host=localhost;database=session",
                        "root", "none",
                        {PrintError => 0, RaiseError => 1} );
# The request parameters are interpolated straight into the SQL text
my $sth = $dbh->prepare("SELECT * FROM user WHERE name = '$username' and password = '$pwd' ");
$sth->execute();
my $ref = $sth->fetchrow_hashref ();
$sth->finish();
if (!defined($ref)) {
    # no matching row: send the client back to the login page
    print "Location: http://192.168.0.13/cgi-bin/session.cgi\n\n"
}
else {
    # code on next page
}

Possibility of SQL injection attack!
Would it be better to check results?
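The login check above, redone as an added example in Python with sqlite3 (not the deck's Perl): the first function builds the SQL string from the submitted name and password exactly as the slide does; the second uses placeholders and also takes up the slide's question about checking results by requiring exactly one matching row. The table and its two rows mirror the deck's user table; the in-memory sqlite3 database is an assumption.

```python
"""Login lookup as in the deck's session1.cgi, vulnerable and hardened forms.
Added example; table layout follows the deck, the database is constructed."""
import sqlite3


def make_db() -> sqlite3.Connection:
    # Same table and rows as the deck's 'user' table (passwords are stored
    # in clear there; hashing them is a separate fix not shown here).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user (name VARCHAR(8) PRIMARY KEY, password VARCHAR(8))")
    conn.executemany("INSERT INTO user VALUES (?, ?)",
                     [("JoeDoe", "12345"), ("JaneDoe", "12345")])
    return conn


def login_interpolated(conn, username, pwd):
    """Mirrors the deck: the query text is built from the request parameters,
    so quotes in the input become part of the SQL rather than data."""
    sql = f"SELECT * FROM user WHERE name = '{username}' and password = '{pwd}'"
    return conn.execute(sql).fetchone()  # any returned row counts as a login


def login_parameterized(conn, username, pwd):
    """Hardened: placeholders keep the input as data, and the result is
    checked instead of trusting 'at least one row came back'."""
    rows = conn.execute(
        "SELECT name FROM user WHERE name = ? AND password = ?",
        (username, pwd)).fetchall()
    if len(rows) != 1:  # 0 rows: bad credentials; >1: table is inconsistent
        return None
    return rows[0][0]
```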
Creating a Session

else {
    # create entry in sessionid, get session ID, and clean up table
    $dbh->do ("INSERT INTO sessionid (id,name) VALUES(NULL,'$username')" );
    my $ref = $dbh->selectcol_arrayref("SELECT LAST_INSERT_ID()");
    my $sessionid = @{$ref}[0];
    # drop this user's older sessions
    $dbh->do("DELETE LOW_PRIORITY FROM sessionid WHERE id < '$sessionid' and name = '$username'");
    ...
}

Clean up session table:

mysql> select * from sessionid;
+----+---------+
| id | name    |
+----+---------+
| 41 | JoeDoe  |
| 42 | JaneDoe |
+----+---------+
2 rows in set (0.05 sec)

Is this code vulnerable to a race condition?
Creating a Session

else {
    ...
    # session id and account name go to the client as two base64 cookies
    my $cookievalue1 = urlsafe_b64encode($sessionid);
    my $cookievalue2 = urlsafe_b64encode($username);
    my $cookie1 = $q->cookie ( -name    => 'sessionID',
                               -value   => $cookievalue1,
                               -expires => "+1d" );
    my $cookie2 = $q->cookie ( -name    => 'account',
                               -value   => $cookievalue2,
                               -expires => "+1d" );
    print $q->header(-type => "text/html", -cookie => [$cookie1,$cookie2]);
    print $q->start_html("Santa Claus University Login Page");
    print $q->h1("Welcome to Santa Claus University");
    print $q->start_form( -action => "session2.cgi", -method => 'GET'),
          $q->hidden(-name => 'sessionID', -value => $cookievalue1),
          $q->submit (-name => 'Continue', -value => "Submit" ),
          $q->end_form();
    print $q->end_html;
}

Cookie values are not protected!
Maintaining Session Data

#!/perl/bin/perl.exe
use strict;
use DBI;
use CGI qw/:standard :html3/;
use CGI::Carp qw/ fatalsToBrowser/;
use MIME::Base64::URLSafe;

my $q = new CGI;

print $q->header(-type => "text/html");
print $q->start_html("Santa Claus University Login Page"),
      $q->h1("Welcome to Santa Claus University"),
      $q->p("We offer degrees for money.");
# Echo every cookie the client sent, after base64-decoding its value
foreach my $name ($q->cookie()) {
    my $value = urlsafe_b64decode($q->cookie($name));
    print $q->p("$value");
}
print $q->end_html;

No authentication of cookie values.
Security Problems

We need to use cookies / fat URLs to refer to the current session name.
This information needs to be protected
  against alteration
  against substitution
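An added example (Python, not the deck's Perl) of one way to give the sessionID and account cookies from session1.cgi the protection just named: both values are packed into one cookie value and tagged with an HMAC under a server-side key, so altering the session id, swapping in another user's account, or forging a tag all fail verification in session2.cgi. The key, the "sid.account.tag" layout and the function names are assumptions; the session id and account values follow the deck.

```python
"""Authenticated session cookie for the deck's (session id, account) pair.
Added example; SERVER_KEY is a constructed demo value."""
import base64
import hashlib
import hmac

SERVER_KEY = b"constructed-demo-key-keep-this-secret-on-the-server"


def _b64(data: bytes) -> str:
    # URL-safe base64 without padding, as MIME::Base64::URLSafe produces
    return base64.urlsafe_b64encode(data).decode().rstrip("=")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_session_cookie(session_id: int, account: str, key: bytes = SERVER_KEY) -> str:
    """Return 'sid.account.tag' with tag = HMAC-SHA256(key, 'sid.account').
    Binding both fields under one tag is what stops substitution of either."""
    payload = f"{session_id}.{_b64(account.encode())}"
    tag = hmac.new(key, payload.encode(), hashlib.sha256).digest()
    return f"{payload}.{_b64(tag)}"


def read_session_cookie(cookie: str, key: bytes = SERVER_KEY):
    """Return (session_id, account) if the tag verifies, otherwise None.
    Anything malformed is treated the same as a bad tag."""
    try:
        sid, acct_b64, tag_b64 = cookie.split(".")
        payload = f"{sid}.{acct_b64}"
        expected = hmac.new(key, payload.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(tag_b64)):  # constant-time
            return None
        return int(sid), _unb64(acct_b64).decode()
    except (ValueError, UnicodeDecodeError):
        return None
```

The server still has to look the returned session id up in the sessionid table; the tag only proves the client did not change what the server issued.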