At 10:57 AM 3/30/00 -0500, Andrew M. Kuchling wrote:
I've started writing up some requirements for session tracking in Zope; comments (or discussion on this list) are welcomed.
http://starship.python.net/crew/amk/zope/sess-req.html
The proposed interface is only described in very rough notes, and I don't yet consider it finished; don't pay too much attention to it at this point (though comment on it if you like).
Comments/suggestions: * Seperate management of a session *key* from management of session content, thus allowing seperate "applications" to manage app-specific data in a meaningful way. Let a SessionManager (which operates as part of a traversal into a part of the site), handle creating a SESSION_ID key in the REQUEST. * Use the Implementor/Rack pattern to store session data. Asking the application's ISession implementor for a session with the SESSION_ID key would create it if need be. Also, using Implementor/Rack would allow attachment of arbitrary property sheets to session objects, each storing their data in different places if desired/required. These approaches don't directly solve all of the issues you bring up, but they avoid making the definition of session too much like an ASP Session object, which IMHO is too CGI-like and feature-poor.