That is what I want to store... I want turbine to make my user login once a
day.. instead of every session... I think I can implement this in a custom
SessionValidator if it is not available to me already... I think all that
needs to happen is have the jsession id stored in a persistent cookie
instead of a session cookie... maybe not though...
----- Original Message -----
From: "Gareth Coltman" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, September 04, 2001 8:54 AM
Subject: RE: security
> >
> > It looks like login is using soft... is there a way to switch
> > it to hard?
> >
>
> Well, no I wouldn't think so. Session cookies are stored by the browser in
memory. When the browser closes, the session dies. The
> session cookie (ie the id) is valid only for the lifetime of the session -
this is why it is not persisted. The volitile nature of
> sessions (ie they expire) makes it a little pointless to store the cookie
on disk.
>
> Hard cookies are not for session tracking, they are used to store things
like usernames, preferences etc.
>
> G
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
