[thesite] [UEUE] Unified Sessions req. for more details
Warden, Matt
mwarden at mattwarden.com
Fri Nov 9 12:58:39 CST 2001
On Nov 8, Mark Nickel had something to say about [thesite] [UEUE] Unified...
>Potentially *every* browser connections is going to result in session
>synchronization with the subsite and ueue.evolt.org...
Why would that be? Maybe there's some security concern I'm not thinking
of. The query to ueue would only happen when session information doesn't
exist or, for some reason, is invalid. From then on, the app can grab the
info from the session, like weo does now.
And, like i said, if someone goes from weo to deo, and deo needs certain
information, deo wouldn't have an active session for this user, so it
treats them as unauthenticated (except for maybe username/pw in
cookie) and authenticates with ueue. Then it builds its own session. There
are now two active sessions for the same user (one in CF, one in PHP), but
that should be ok... I think.
--
mattwarden
mattwarden.com
More information about the thesite
mailing list