30 Jan
2001
30 Jan
'01
6:26 p.m.
servlet world too), when a session starts and ends, you can associate an event with it. So this allows you to use the session space as sort of a scratchpad for use when a user comes in. At start time, you copy over some user state to the session object (based on authentication information). The user does some stuff, changing the contents of the session state. Then when the session expires, the session end event is called, the state is copied back to the user object. This is something that core session tracking doesn't do because session ids don't expire.
Actually, the more I think about this, the more convinced I become that I should offer something this tied to the expiration of the session data object.