Task #94243
Updated by Oliver Hader about 3 years ago
Several performance analysis showed that @AbstractUserAuthentication@ takes a reasonable amount of processing time (~ 5-10% of total), time, even if a session ID are not given or invalid. In order to reduce database invocations for invalid sessions, a corresponding HMAC signature is added to HTTP cookie values.