I posted this message over in cherrypy-users: http://groups.google.com/group/cherrypy-users/browse_thread/thread/6292f050edb793ce/4ab53ae54dc7cd2a#4ab53ae54dc7cd2a
The sessionfilter's cookie does not currently work on Internet Explorer because it doesn't write the cookie to disk (the "max-age" vs "expires" issue I describe). The reply I received seems to indicate that the sessionfilter's cookies are not designed to last beyond the browser being closed & re-opened. This makes no sense to me. My expectation has been that the session is a cookie - therefore it should be completely sane to store a simple value like "userid" or "last_visit_time" in the session and set the cookie's expiration out 30 days with the full expectation that the cookie would still be there for the next 30 days. My definition of a "session" is that a session lasts however long you want it to be...by setting the expiration time. Should I be expected to copy & paste the sessionfilter code to make my own longer-than-a-single-sitting-sessionfilter that does the exact same thing as the sessionfilter, but with cookies that persist? (Note that I'm still in TG 0.8.8 land...I'm not on top of what might be going on with identity management, etc. in 0.9) Thanks. Jeff
