[Zope] Cookie Crumbler vs. Session data

Andy Dustman andy@dustman.net
25 Aug 2002 17:55:08 -0400


I'm using the Cookie Crumbler in conjuction with the Simple User Folder.
Cookie Crumbler stuffs all the user data within a cookie called __ac (by
default) as separate variables. session_data_manager, OTOH, has it's own
_ZopeId cookie for session data. Is there any existing product that
stores the authentication data in the session data instead of a separate
cookie? Or is that just a bad idea? In my case, I would like the
authentication data to expire at same time as the session data, and
putting it into the session data reduces the number of cookies, plus
does not retransmit the authentication data on each request.

-- 
Andy Dustman         PGP: 0x930B8AB6
    @       .net     http://dustman.net/andy
"Cogito, ergo sum." -- Rene Descartes
"I yam what I yam and that's all what I yam." -- Popeye