[Zope-PAS] Re: [RFC] Extending CookieAuthHelper
tseaver at zope.com
Fri Nov 12 09:40:37 EST 2004
Jens Vagelpohl wrote:
> Yes, that's a good point and I have thought about it myself. There is
> two items that need to be clened up, come to think of it. On the one
> hand you have a session, but then there's also a cookie. I'm not sure
> yet if I want to re-use the standard sessioning cookie or set my own. I
> need to look at how the timeouts in these items are handled by the
> standard sessioning machinery.
If you plan to use sessions, you should just rely on the single browser
ID cookie which Zope's browser_id_manager gives you already. There is
no reason to expire that cookie, ever.
Tres Seaver tseaver at zope.com
Zope Corporation "Zope Dealers" http://www.zope.com
More information about the Zope-PAS