[Zope-dev] Feedback wanted on GenericUserFolder

[gtk]

> (Also, when they re-login, if you've kept the expired session around,
> you can drop them back where they were).

A trick I used to do with ASP (yeah, yeah, I know...) was to have my session
management and authentication handled inline with the page as an include --
much like a <dtml-var>. If the user didn't have a session or their session
had expired, I'd generate a login form, create hidden fields for any POSTed
items, and terminate the render there. When they logged in, they'd go
straight back to where they were and continue what they were doing.

The alternative would be spending a lot of time composing some kind of
posting, only to have all the effort thrown away when you posted and got
redirected to the login form because your session had expired. Particularly
with one of the popular browsers wiping the original form's contents when
you hit the back button, handling things politely was a must.

Regards,
Garth.

--
<gtk@well.com>