oook. :) well since sessions know nothing about authentication, therefore they dont know who created them and thus cant logout the user who created them on expiry. so then how would one go about checking inactivity on part of a user. for e.g. User logged in at t = 0 mins. A cookie is set that records the login time. user worked on the site and finished work at time t = x at time t = x+20 user times out and user is logged out. How do I implement the method that polls the system clock vs the cookie set at logon vs last hit time (provided I record the last hit time too (damn this is getting confusing!!!) ) Can it even be done or am I just being wishful ??? TIA AM Chris McDonough wrote:
Currently, sessions have nothing to do whatsoever with Zope authentication, so there's no "right way" to do this short of writing your own user folder implementation (or extending an existing one).
- C