Hi all, I see that sfBasicSecurityUser regenerates the session ID after calling setAuthenticated and/or add/removeCredential. I understand this is a security feature. However I do not see the point of not deleting the old sessions (i.e. calling session_regenerate_id with false). If they were deleted, I could get the number of recent visitors by counting active sessions in the table... Can anybody enlighten me on this one ?
Thank you, Zoltan. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
