[Zope] AUTHENTICATED_USER, and what you can do with it.

Anthony Baxter Anthony Baxter <anthony@interlink.com.au>
Wed, 03 Mar 1999 19:20:53 +1100


> What you could do, is write your own UserFolder/User combo, that stores a
> last-access time on the User object, and checks for this every time a user is
> authenticated. If the difference is greater than, say 15 minutes, you force a
> reauthentication by raising a permission denied.

I tried playing with this once upon a time, but I found that the stupid
browser still cached the original result and would continue to use it after
the failed login/relogin combination. Most frustrating.

Anthony