persistant data

Randy Wigginton krw at
Tue Sep 5 19:03:38 UTC 2006

An alternative that is not military-grade secure, but sufficient for  
most applications, is to store the user's session with a generated  
UUID and put the UUID into a cookie for the user.  Chances of a  
collision are sufficiently low for 99% of applications.

On Sep 5, 2006, at 2:58 PM, Perrin Harkins wrote:

> On Tue, 2006-09-05 at 12:27 -0400, Evert|Rooftop wrote:
>> How can you authenticate with a cookie if you don't have something on
>> the server-side to match with
> A MAC works for this.  All you need is a server-side secret key.  See
> for an example
> implementation.
> - Perrin

More information about the memcached mailing list