[Zope] Preserving Settings during a user's session

Scott Robertson sroberts@codeit.com
Thu, 25 Feb 1999 14:43:53 -0800 (PST)


On Wed, 24 Feb 1999, Christopher G. Petrilli wrote:
> Ah, I guess I glossed over the idea ... these IDs are generated once,
> and I *AM* assuming that at any instantaneous point in time (i.e.
> subsecond accuracy) there are not two of them from the same IP address
> being generated :-)  
> 
> Actually, Linux/UNIX is hardly an issue any more for web servers,
> firewalls however, ARE :-)  
> 
> So if you had two people coming from Firewall A (192.168.1.1), so long
> as they got their IDs at lest a 10th of a second apart (or whatever
> accuracy time.time() returns) they'd always be unique.
> 
> Make more sense now? :-)  BTW, I've got to get an SHA1 implementation in
> the libraries, i Just don't like MD5.
> 

Errr, could you hash in the user name as well so that we might even be
able to further avoid that 10th of a second part. 

Heck why I'm at it (it being suggesting more work for others to do).

Could we get these sessions to expire after a certain inactiviy period? 

And possibly map sessions to acl_user folders so that they don't have to
re-login (as long as their sessions are valid) and so that we can replace
that ugly browser dialog box with a pretty web page of our own design?
  
---------------------------------------------------
- Scott Robertson             Phone: 714.972.2299 -
- CodeIt Computing            Fax:   714.972.2399 -
-                http://codeit.com                -
---------------------------------------------------