Previously Alexander Limi wrote:
> Does anyone have any idea what approach people like Google (Gmail etc) use  
> for their implementation? It certainly seems like the most sensible  
> implementation out there wrt. to end-user usability - and I'm pretty sure  
> it scales too.

Judging from how I've seen google sites behave they use something 
similar to how OpenID works: have a seperate authentication site which
sites a domain-wide cookie which is picked by the all the
application-sites. Those can verify the cookie internally and will
probably cache the result.

> Is the session overhead a Zope-specific problem because of the  
> implementation there, or is it something with using this approach  
> inherently?

The Zope-specific bit is that the default Zope session setup does not (by
design) support Zeo clusters.


Wichert Akkerman <[EMAIL PROTECTED]>    It is simple to make things.                   It is hard to make things simple.

Framework-Team mailing list

Reply via email to