[Zope-PAS] Re: [RFC] Extending CookieAuthHelper
Jens Vagelpohl
jens at dataflake.org
Fri Nov 12 11:04:21 EST 2004
On Nov 12, 2004, at 15:40, Tres Seaver wrote:
> Jens Vagelpohl wrote:
>
>> Yes, that's a good point and I have thought about it myself. There is
>> two items that need to be clened up, come to think of it. On the one
>> hand you have a session, but then there's also a cookie. I'm not sure
>> yet if I want to re-use the standard sessioning cookie or set my own.
>> I need to look at how the timeouts in these items are handled by the
>> standard sessioning machinery.
>
> If you plan to use sessions, you should just rely on the single
> browser ID cookie which Zope's browser_id_manager gives you already.
> There is no reason to expire that cookie, ever.
Right, that's what I'm proposing in the summary I sent out half an hour
ago.
jens
More information about the Zope-PAS
mailing list