zope.session provides interfaces for client identification and session support and their implementations for zope.publisher's request objects.
Sessions
Sessions provide a way to temporarily associate information with a client without requiring the authentication of a principal. We associate an identifier with a particular client. Whenever we get a request from that client, we compute the identifier and use the identifier to look up associated information, which is stored on the server.
A major disadvantage of sessions is that they require management of information on the server. This can have major implications for scalability. It is possible for a framework to make use of session data very easy for the developer. This is great if scalability is not an issue, otherwise, it is a booby trap.
What is new in this release:
- LP #824355: enable support for HttpOnly cookies.
- Fix a bug in zope.session.session.Session that would trigger an infinite loop if either iteration or a containment test were attempted on an instance.
Requirements:
- Python
Comments not found