>From: "Chris McDonough" <[EMAIL PROTECTED]>
>A new release of the "CoreSessionTracking" product is out.  The product
>allows you to associate state with anonymous visitors between requests.

I've been wondering about this for a long time. It allows you to associate 
state with anonymous users. Does this imply that you can't associate state 
with authenticated users, or that there's another mechanism to do it with 
authenticated users?

In the servlet paradigm, there's a distinction between the HTTP session and 
authentication. You set up a session with an HTTP request, and thereafter 
if the session ID is returned to you it's the same session. In that 
session, the user can choose to login or not.

Is this the same thing or is it different?

Zope maillist  -  [EMAIL PROTECTED]
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-dev )

Reply via email to