Task #94243
Updated by Oliver Hader almost 3 years ago
Several performance analysis showed that @AbstractUserAuthentication@ takes a reasonable amount of processing time (~ 5-10% of total), even if a session ID are not given or invalid. In order to reduce database invocations for invalid sessions, a corresponding HMAC signature is added to HTTP cookie values.
h3. Additional aspects
* requires change in testing-framework (probably use @UserSession->getCookieValue()@), see https://github.com/TYPO3/testing-framework/blob/d74a027a186d62e6218b8e29328449d9b97e259f/Classes/Core/Functional/FunctionalTestCase.php#L425