2010/11/29 Andreas Jung <li...@zopyx.com>: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > We have the requirement within a project that a Plone user should > be logged off automatically after N minutes of inactivity (means > the authentication cookie should expire after N minutes). > > CookieAuthHelper.updateCredentials() is in charge for the initial > setting of the authentication cookie. Adding an expiration date here > would not be the deal. However the authentication cookie > must be set with an updated expiration date upon every request (in order > to reset the inactivity timer to zero). Is there some way for hooking > this functionality properly into PAS? Otherwise I would have to > hack the ZPublisher somehow...(perhaps using Publisher events...).