On Thu, Feb 25, 1999 at 02:43:53PM -0800, Scott Robertson wrote:
Errr, could you hash in the user name as well so that we might even be able to further avoid that 10th of a second part.
Well, a quick test on my machine at least, generating 1M sample from the time counter as fast as I can in Python, the interval necessary to break the counter would be 1/100th of a second. And this would then require that they both be originating from the same IP address as well. Now, please understand this concept of "session" is more for tracking a user through the site, rather than authenticating the user... it could be used for that by attaching authentication information to the SessionID object referenced.
Heck why I'm at it (it being suggesting more work for others to do).
Always happy to handwave more, it's largely free... except for the CTS ;-) I'll send a bill!
Could we get these sessions to expire after a certain inactiviy period?
Well, that shouldn't be that hard, just need to reap the database on occasion.
And possibly map sessions to acl_user folders so that they don't have to re-login (as long as their sessions are valid) and so that we can replace that ugly browser dialog box with a pretty web page of our own design?
Well, this would be seperate I think... not sure, honestly, gotta think on THIS one ... how to integrate the user objects together. Chris -- | Christopher Petrilli ``Television is bubble-gum for | petrilli@amber.org the mind.''-Frank Lloyd Wright