On Sep 6, 1:32 pm, "Karen Tracey" <[EMAIL PROTECTED]> wrote:
> On Sat, Sep 6, 2008 at 8:20 AM, Tim Chase <[EMAIL PROTECTED]>wrote:
>
> > Or one might be behind a load-balancing
> > NAT (I believe AOL did/does something like this) so requests from
> > the same user behind the NAT can appear to be coming from
> > different public IP addresses.
>
> AOL certainly does this. Either that or my own little web site has an
> astonishingly high number of different AOL users hitting it.
I wonder - what percentage of net users do use AOL as their ISP?
Certainly I don't want people being logged out because their ISP has
some hardware alternating their external IP address. I notice bugzilla
actually provides the option of tying in your session with your IP
address, or not. Though I think that kind of choice should be limited
to a very particular target audience.
So, I think I won't bother with the IP address checking. The
authentication/authorization system I plan to implement will issue
authentication tokens (a-la Google accounts, but perhaps the idea is
used elsewhere) for use by mobile clients using the restful API, and
yes, I can imagine that in that domain it isn't certain at all that
repeat requests will be coming from the same IP address.
Thanks for the feedback. You've given me some food for thought.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
