[nycphp-talk] Single sign-on -- one more gotcha
Cliff Hirsch
cliff at pinestream.com
Wed Mar 28 12:57:24 EDT 2007
I have been going through the two-application ‹ two sessions ‹ single
sign-on issue as well, and just want to point out one more potential gotcha
that hasn¹t been covered yet.
If you are integrating multiple applications on one site, any form of
authentication/single sign-in does not address the session duration/expiry
issue. Unless you have one session store or update all relevant sessions,
parts of your application will expire/garbage cleanup at different times,
which could be very confusing to the end user. ³Why am I still logged in
here, but not there...?²
As I see it, there only two ways to deal with this:
1. Integrate the sessions
2. A register shutdown function that ³refreshes² the expiry value in all
related sessions.
Cliff
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20070328/d6c3a908/attachment.html>
More information about the talk
mailing list