Valentino Volonghi aka Dialtone ha scritto: > [...] > Also it would use the session as a storage for > objects which is a bad way to program. Of course it is possible anyway, > but at least it's not encouraged by the framework. >
I have found an example that needs specialized (non authenticators) sessions. Several e-commerce sites allow costumers to put items into a basket even if they are not authenticated. Authentication is really needed only for the transaction, where we need the costumer approvation and its private data. And it is a good idea to put the transaction resource on a subdomain, SSL protected (and setting the secure and domain cookie attributes). I thinks that you implementation of guard is focused on a single type of web application, like stiq. Regards Manlio Perillo _______________________________________________ Twisted-web mailing list [email protected] http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-web
