Re: Session tracking

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Thomas Maslen: "Re: Session tracking"
• Previous message: Lou Montulli: "Re: Session tracking"
• Maybe in reply to: Brian Behlendorf: "Session tracking"
• Next in thread: Thomas Maslen: "Re: Session tracking"

This can be implemented in about 500 lines of C code so it's not
really as complex as it might sound. This is also very
similar to the way access authorization works so there can
be alot of shared code involved.

>
> Second, the cross-session capability is a really poor man's
> solution for storing state client-side. Isn't the persistent
> document cache already a much more sophisticated place for storing
> state across sessions on the client? Why have a separate, parallel
> mechanism for caching and security of these limited, HTTP-specific
> "cookies"? I'd rather see some new HTTP metainfo which gives hints
> for persistent caching and reloading of documents (I'm not sure how
> to do this though...).

Embedding state information in documents is the wrong
way to accomplish this. Information embedded within a
document is dependant on the path used to enter a server.
If you don't access through the same URL you lose the information.
With cookies the information is sent regardless of your
navigation path.

:lou

-- 
Lou Montulli                 http://www.mcom.com/people/montulli/
       Netscape Communications Corp.

• Next message: Thomas Maslen: "Re: Session tracking"
• Previous message: Lou Montulli: "Re: Session tracking"
• Maybe in reply to: Brian Behlendorf: "Session tracking"
• Next in thread: Thomas Maslen: "Re: Session tracking"