Hi, On 28.01.2010 11:02, Vidar Ramdal wrote: > On Thu, Jan 28, 2010 at 9:17 AM, Carsten Ziegeler <[email protected]> > wrote: > >> I think the new authentication bundle is a great step forward. However >> :) I think we should enhance it a little bit to support cookie/session >> based authentication. >> [...] >> WDYT? > > Two questions immediately comes to mind when considering user sessions: > 1. Is it really RESTful?
Probably not. But we still have the plain HTTP Basic authentication. > 2. How do we handle sessions in clustered environment? If we have HTTP Sessions, the cluster should handle this for. In the case of plain cookies, there are two options: Sticky sessions or implement a functionality to publish the state amongst the cluster instances. Regards Felix
