Home  /  RSS  /  RSS Comments  /  Enter

Session Sharing with Non-CppCMS technologies

Monday, November 16, 2015, by artyom ; Posted in: Progress; one comment

One of the problems in integrating different technologies on same web site is sharing the data between them, in particular sharing session data.

For example you have a huge web platform written in PHP or Java and you want to improve performance of certain subsystems poring them to CppCMS. On of the first issues you'd encounter is how to share the session between them - so every side would know who is the user, what permissions he has, etc.

So I made cppcms::session_pool and cppcms::session_interface accessible outside the usual request/response scope and wrapped it with pure C API - such that no C++ exceptions are thrown and every function is resolvable via dlopen/GetProcAddress- to make it more accessible for integration with different languages.

Several modules for different programming languages were implemented allowing smooth integration with their web frameworks and APIs:

Actually there is no particular limits regarding technology - just a question of implementing loadable module for a specific language/platform.

In general it consists of a SessionPool object that is created from a configuration file and exists globally. It generates a special Session objects that is loaded from Http Request cookies, updated and saved to the Http Response object.

It looks like this:


// pool initialization
// per request session access
if($session->is_set('x')) {



static SessionPool pool;

public void init() throws ServletException
    pool = SessionPool.openFromConfig("/path/to/cppcms-config.js");

public void doGet(HttpServletRequest request,
                  HttpServletResponse response) 
                    throws ServletException, IOException
    Session session = pool.getSession();
    String x="0";

Python with Django:

# Create global pool

# Actual view
def home(request):
    if 'x' in s:
            v= s['x']
    response = HttpResponse()


static SessionPool pool;
static Example() {
    pool = SessionPool.FromConfig("cppcms-config.js");
protected void Page_Load(object sender,EventArgs e)
    using(Session s = pool.Session()) {
        string v="0";
        v = (int.Parse(v) + 1).ToString();

So basically you have a full access to CppCMS session from 3rd party most popular technologies.

Still thinking of implementing a module for Ruby on Rails but I have never written a line of code in Ruby so it is quite challenging for me. I'll probably wait till somebody contributes one.

Serving All Israeli News Web Sites from a Single EC2 instance...

Thursday, November 13, 2014, by artyom ; Posted in: Progress, Benchmarks, Framework; 6 comments

For the last year the development of the CppCMS project was less active. The vast majority of the work hours were spent on a customer's project that used CppCMS to create an outstanding advertisement system.

The project is called Linicom.

Today, when Linicom is up, running and maintained by a larger team, so I can resume the activity on the core CppCMS project itself.

Few words about Linicom:

Linicom is an engine that provides content and visitor sensitive advertisements for almost all large Israeli news web sites: including Ynet, Haaretz, Jerusalem Post, Mako, Walla and other significant web sites in Israel and abroad.

Here some interesting facts:

The system runs behind Lighttpd and uses PostgreSQL for persistent data storage. Also PostgreSQL is used extensively, all real time data is stored in memory.

Almost every request needs data processing in order to provide highly customized advertisements. In technical terms it means that almost no request can be "outsourced" to a static files - every request for every customer should be processed explicitly.

This system is probably one of the classic applications of CppCMS technology - web based system that required to be fast and efficient, being able to handle outstanding and sometimes unexpectedly changing loads without problems and provide high QoS.

Use of in-memory data storage, caching and efficient handing of the data that can't be cached is were CppCMS shines. Having a big growth potential with a minimal required maintenance and high reliability allows the to handle the business-end safely without worrying about performance issues.

CppCMS 1.0.5 Released

Thursday, October 30, 2014, by artyom ; Posted in: Progress; 4 comments

Bug Fixes:

Minor Security Improvements:

Platform Support:

The code is downloadable from sourceforge. Binary RPM releases already available at The Open Build Service repository. Debian packages would be published soon.

Update: Debian and Ubuntu packages are ready at the repository.

CppCMS 1.0.4 Released

Monday, June 24, 2013, by artyom ; Posted in: Progress; 9 comments

This is a critical bug fix release that relates to session handing in Internet Explorer.

Added "Expires" to cookie expiration time handling that is supported by IE.

Prior to this release, cppcms session cookies used max-age option, that IE does not recognize. Starting from this release the session cookies would have both Expires and Max-Age options. All browsers that use Max-Age would ignore Expires if both given.

New options that control the session cookie properties are added, see expiration_method that would allow to alter the behavior and handle possible clock skew issues

Special thanks to Saikumar Gandapodi who reported me this issue.

Security bug fix release - CppCMS 1.0.3

Friday, January 4, 2013, by artyom ; one comment

CppCMS 1.0.3 was released today, it includes security bug fix.

This bug allowed CppCMS encoding validation to accept some invalid UTF-8 sequences which could potentially lead to various security problems like XSS and more.

It is strongly recommended to upgrade to latest version.

Note: for thous who used booster::locale::utf::utf_traits or functions booster::locale::conv::utf_to_utf directly rather than using built in CppCMS forms validation/XSS validation, you may need to recompile the application to get the updates.

The release is available on sourceforge and in the official repositories for Ubuntu oneiric, precise and quantal, Debian squeeze, Fedora 16 and 17, Centos 6 and Open Suse 11.4 and 12.1

previous page

next page