On Mon, Aug 26, 2002 at 06:26:19PM -0400, Chris McDonough wrote:
FWIW, Shane mentioned that sessions use cookies, but on the 2.6 branch (the trunk) it's possible to do "cookieless" sessioning via the automatic embedding of browser ids in the URL. It makes for very ugly URLs, though, and you still need to either post to forms with Zope-generated URLs or embed the browser id in a hidden form element.
Yeah, I've gone through those contortions. I'd like to avoid doing it again. My preference is to avoid trying to weld "sessions" into HTTP. When *I* cut something, it should be in *my* "clipboard". I'm authenticated as me. That should be enough information to find what I just cut. It will also work when I'm using multiple browsers (because I still haven't figured out how to use tabs in textareas in Mozilla/Galeon). I like the idea of using the authentication ID as the key for a session manager, but it seems like something much simpler should suffice. Thank you for thinking about this. --kyler